Tag : Hackers


What’s HOT in Application Security Vol #40

Jan 14, 2013 By asaphs | Shape Security: Getting Down to the Root of Hacking
When treating an illness, it is generally more effective to treat the source of the problem rather than the symptoms. Shape Security is trying to do the same in the field of website security. While all other products are geared towards a faster, cheaper, and better way of preventing and stopping attackers, Sumit Agarwal, co-founder and vice president of Shape, claims that they are “striking at the core mechanics of how those things work and making them harder to do in the future” by focusing on cutting-edge attackers and the crimeware ecosystem. Basically, it won’t be “offensive security” but defensive security, making it harder and more costly to do any damage.


What’s HOT in Application Security Vol #39

Dec 13, 2012 By asaphs | 2013 Threat Predictions
This past week, one of the frontrunners in high-performance network security announced their predictions for the top threats of 2013. The following are highlights of the top 3.

1. Advanced Persistent Threats (APTs) – Generally known to target specific classified information by using various methods and vectors, this coming year they are predicted to target high-powered civilians such as CEOs, celebrities, and politicians. This prediction will be hard to verify, since the attacker could easily remove the malware undetected and those who become aware will probably keep it hidden from the media anyway. The targeted information is likely to be used for criminal activities such as blackmail.

2. Two Factor Authentication – It seems as if one password is not enough to be secure these days. Anyone can easily download a program that cracks an alphanumeric password without difficulty. Next year, we’ll likely see more web-based logins that require a password plus a secondary password, which will be delivered either via SMS or by a stand-alone security token.

3. Targeting Machine-to-Machine (M2M) Communications – M2M communications allow wireless and wired machines to communicate with other devices, which can solve many human error problems. However, the security of these systems is still questionable. Hacking into M2Ms has not been seen yet, but this is likely to happen next year unless there is improvement in their security.

For more information visit http://www.equities.com/news/headline-story?dt=2012-12-10&val=807181&cat=goods.


What’s HOT in Application Security Vol #36

Nov 13, 2012 By asaphs | EU Official Hacked at an Internet Security Conference
A European Union official has declared in a statement that her staff was hacked when they attended an internet security conference last month in Azerbaijan. EC Vice President Neelie Kroes released a statement about the ironic hack in her blog last week, where she went into further detail to explain the scope of what happened and how her and her employees’ computers were compromised at a meeting of the Internet Governance Forum in Baku.


What’s HOT in Application Security Vol #32

Oct 17, 2012 By asaphs | The Sony hacker facing up to 5 years in prison
Raynaldo Rivera, who was arrested in August after hacking the Sony Pictures website, has pleaded guilty to the allegations against him and faces a hefty prison sentence of up to five years. The guilty plea was a compromise with the United States Attorney’s Office for the Central District of California. As part of the agreement, Rivera will plead guilty to only one charge against him.


What’s HOT in Application Security Vol #31

Oct 09, 2012 By asaphs | This Year’s Hack In The Box Conference To Hold Big Hitters In The Web Application Security World
This year’s famous Hack In The Box security conference is being held in Kuala Lumpur. Among the interesting events, Google will be hosting its Pwnium competition which first debuted at the CanSecWest security conference in March in Vancouver, British Columbia.


What’s HOT in Application Security Vol #30

Sep 30, 2012 By asaphs | Hackers breach major Canadian-based control system technology supplier
Within the last few days, hackers have managed to breach a major Calgary-based technology company, Telvent Canada, known as a major supplier of control systems for electrical grids, public water systems, public transport functions and most of Canada’s oil and pipelines. Insiders say the hacking was substantial enough to warrant the intervention of the Canadian spy service, the RCMP and the federal government’s special cyber response agency.


What’s HOT in Application Security Vol #27

Sep 04, 2012 By asaphs | Could a lack of web application security be affecting your business’s share price?
It has been noted that in larger corporations, the linkage of the brand to a string of negative security issues can seriously affect the share price for the worse.


What’s HOT in Application Security Vol #22

Jul 31, 2012 By asaphs | Game publisher Ubisoft in hot water due to serious security threat
Ubisoft is a household name synonymous with fantastic, exciting games and also with a zero-tolerance approach to game piracy. The company has been plagued with problems recently, as the Uplay network has been absolutely overloaded with issues: outages, technical issues and now security!

