Tag : Malware

Checkmarx

Israeli IT Prodigies Visit Checkmarx HQ

Jan 27, 2016 By Sharon Solomon | Checkmarx is continuing its tradition of hosting the brightest programming and computing minds from Israel’s leading academic institutions. This year it was a group of young kids who are currently honing their skills at the Tel Aviv University (TAU). They are a part of a special program that will enable them to complete their college degree by the age of 18. Here are a few highlights from their visit at the Checkmarx headquarters in Tel Aviv.
</Read More>
Online Banking Security

All You Wanted To Know About Online Banking Security

Jan 17, 2016 By Sharon Solomon | Gone are the days when people frequented their banks to get their errands done. With more and more banking activities being performed online via web and mobile applications, the security risks are rising exponentially. But are banks and financial institutions doing enough to safeguard our privacy and financial assets? What are the risks and what role do application developers play in providing online banking security? Let’s take a closer look.
</Read More>
The-Honeypot-Sting-Hacking-the-Hackers-300x300

The Honeypot Sting: Hacking the Hackers

Apr 16, 2014 By Sarah Vonnegut | How can you tell who’s up to no good when it comes to your networks and computer systems? Simon Bell, a computer science student in his last year at the University of Sussex, has set out to help answer that question. He’s created an SSH (Secure Shell) honeypot written in C with the aim of researching the techniques of malicious attackers trying to infiltrate the network. Dubbed Secure Honey, Bell designed his honeypot as a final project, which he tracks and writes about on his site. Hacking the Hackers: Honeypots, for the uninitiated, are decoy systems or servers designed to track and log the activities of attackers trying to intrude your system (SANS has a great FAQ for further reading).  Instead of the attackers gaining data, the honeypot collects the actions and attempts at intrusion for further analysis. The would-be hackers get nothing – and will quickly move on to the next possibly vulnerable server after a few fruitless tries. “Something really drew me to the idea of luring hackers into a honeypot to watch how they operate and to discover what sort of techniques they may deploy to infiltrate a system,” he says. Anyone can keep up with what Secure Honey attackers are up to on Bell’s live stats page, where hacking attempts, the most commonly used passwords and more are tracked in real time.
</Read More>
iStock_000012980185XSmall

ATMs Raided With Ploutus as Windows XP Zero Day Approaches

Mar 31, 2014 By Sharon Solomon | Windows XP will be officially discontinued on 8 April, but the legend platform is far from becoming extinct. 95% of the world’s ATMs are still powered by the 12-year old operating system, opening the door for Ploutus attacks. More and more hackers are using SMS messages to steal money. As informed in our previous Windows XP Update, there are worrying amounts of businesses and workplaces still using the expiring platform. Surprisingly, such outdated systems and networks are not exclusive to poor countries. The biggest problems are expected in the banking industry, with thousands of ATMs still using Windows XP. Upgrading the systems to newer software is going to be a long and costly process. Cybercriminals are already exploiting this issue.
</Read More>
iStock_000031268648Small

Cridex Banking Trojan Still Alive and Kicking

Mar 12, 2014 By Sharon Solomon | The Cridex Banking Trojan is wreaking havoc in Europe, especially in Germany. Hackers are implementing the traditional phishing methodology to trick victims into compromising their banking information. The Cridex malware has now officially overtaken the ZeuS Trojan and its clones thanks to the recent activity spike. Six different URL schemes are being used to cover-up the spam campaigns. The malicious mails are masked with graphics and text from German commercial giants such as Telekom (almost half of the infected URLs), Volksbank, Vodafone and also NTTCable.
</Read More>
11297241203_453f1342a6_b-300x225

On Tracking the Creator of Bitcoin, a Breach at Sally Beauty and Facebook Clickjacking: Security News Update

Mar 09, 2014 By Sarah Vonnegut | It was a crazy week, with the secretive Bitcoin creator supposedly outed, details of 280,000+ payment cards tied to Sally Beauty purchases discovered for sale online and a new Facebook clickjacking campaign that preys on the curious, so let’s get down to it shall we? Here are your weeks biggest security stories: 
</Read More>
Russia

Uroburos Spy Malware; From Russia With Love

Mar 05, 2014 By Sharon Solomon | The political tension in between Russia and the USA is mounting and the latest cyberweapon revelation is not going to help calm the relations. German security firm G-Data has exposed Uroburos, a sophisticated and complex rootkit that has been infiltrating US related targets for more than 3 years. Uroburos has also been analyzed and broken down by the aforementioned German research lab. The source code revealed comments written in Russian, which means that the Russian government is probably behind the espionage software.
</Read More>
yahoo-logo-300x70

Your Weekly Security Wrap-Up: Yahoo, Sears, YouTube & More

Mar 02, 2014 By Sarah Vonnegut | Yahoo’s in the news again with a new vulnerability (now fixed) and a starring role, unknown to them, in the Brit’s surveillance methods. With Sears possibly facing another breach and a cache of 360 million user credentials found for sale on the black market, there’s a lot to know about so take a few minutes and catch up on all you may have missed!
</Read More>
iStock_000010131012Small

Justin Bieber Malware Spreading Across The Web

Jan 29, 2014 By Sharon Solomon | We all have different opinions on the Justin Bieber phenomenon, but there is no denying his star-power and influence over the younger generation. The Canadian star is constantly in the headlines for the wrong reasons, including a DUI arrest last week. Interestingly, this event has deeply affected information security worldwide.
</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.