Tag: Heartbleed

15 AppSec Tips From the Top Ethical Hackers of 2014

Dec 31, 2014 By Sharon Solomon | 2014 will go down as the year of the mega-attacks. It all started off during last year's holiday season with the Target hackings that affected over 100 million customers. Soon the Heartbleed and Shellshock vulnerabilities were exposed, causing havoc all across the planet. The hackings kept on coming in the latter stages of the year – the Snapchat fiasco, iCloud photo leaks and the North Korean-orchestrated Sony Pictures hacking, just to name a few.

Checkmarx Heartbleed Vaccination Now Available

Apr 29, 2014 By Sharon Solomon | Checkmarx has now released an update that scans your application source code for the Heartbleed-vulnerable library code. The Heartbleed vulnerability had affected almost half a million secure web servers, certified by trusted authorities, by the time it was exposed. The bad news is that the problem still exists. More than 2% of the Alexa world top 1,000,000 websites are still susceptible to attack.

The Week in Security: Your Top 6 Stories

Apr 26, 2014 By Sarah Vonnegut | Apple Security Updates and Spoofing and Heartbleed… oh my. These are your week's top security stories:
Aol Hit With Major Email Spoofing Hack
In a blast-from-the-past security story, Aol email users have been suffering from spoofed accounts. Spoofed emails are pesky messages, in this case containing malicious links, that have had their FROM field changed to make them look like they’re coming from the victim, but are actually coming from the spammer/spoofer’s account, sent from their server. If there are bounce-backs from emails you didn’t send out, you’ve most likely been spoofed. Once your account has been spoofed, there’s not a whole lot you can do.

Top 5 in Security: Your Weekly Update

Apr 11, 2014 By Sarah Vonnegut | The security industry took a massive hit this week with the Heartbleed bug, and while it took most of the focus, there’s some notable news that you may have missed. Here are your top 5 security stories of the week:

All You Wanted to Know About the Heartbleed Bug

Apr 10, 2014 By Sharon Solomon | The steep rise in e-commerce and online transactions has made application security a major priority. SSL and TLS protocols were the benchmarks of online safety until recently. Everything changed when Random Storm, a British security company, exposed the Heartbleed bug. This major vulnerability has simply dented the once-reliable OpenSSL technology. Hundreds of websites have been at risk since the vulnerability was introduced back in 2011. The extent of damage is not yet known. Millions of passwords, usernames and credit card numbers could have been compromised due to this breach. All CISOs and security executives are busy re-configuring their networks and changing passwords for sensitive accounts. The panic is justified as more than two-thirds of the servers today completely rely on the OpenSSL protocol as their security backbone.