Tag : Microsoft

iStock_000018220191Small

No Kidding. 5-Year Old Hacks Dad’s Xbox

Apr 08, 2014 By Sharon Solomon | Hackers and fraudsters are reaching new levels of effectiveness in locating security glitches. Almost any device that can connect to the internet has been proven to be vulnerable. But this time it’s a 5-year old American kid who has exposed a glaring vulnerability in the popular Xbox Live online gaming platform.  

</Read More>
iStock_000012980185XSmall

ATMs Raided With Ploutus as Windows XP Zero Day Approaches

Mar 31, 2014 By Sharon Solomon | Windows XP will be officially discontinued on 8 April, but the legend platform is far from becoming extinct. 95% of the world’s ATMs are still powered by the 12-year old operating system, opening the door for Ploutus attacks. More and more hackers are using SMS messages to steal money. As informed in our previous Windows XP Update, there are worrying amounts of businesses and workplaces still using the expiring platform. Surprisingly, such outdated systems and networks are not exclusive to poor countries. The biggest problems are expected in the banking industry, with thousands of ATMs still using Windows XP. Upgrading the systems to newer software is going to be a long and costly process. Cybercriminals are already exploiting this issue.

</Read More>
iStock_000019119199Small

Windows XP Dying Maliciously, Zero-Day Attacks Imminent

Mar 10, 2014 By Sharon Solomon | Microsoft has announced that all official Windows XP support will be terminated on April 8, 2014. But despite the fact that zero-day is just around the corner, millions of businesses and individuals are still using the legacy platform, making them extremely vulnerable to hacking and malware attacks. The Windows XP platform’s ecosystem is officially going to expire. Launched in 2001, Microsoft ended its mainstream support for the platform in April 2009. A 5-year support plan was then announced following the platform’s huge success.

</Read More>
iStock_000025750773Small-300x198

Simplifying Password Security Through Sound: Google’s New Tech ‘Toy’

Feb 18, 2014 By Sarah Vonnegut | Passwords have taken on a bad name lately. In countless security breaches and incidents, they’ve been too easy to crack, too difficult to remember, not encrypted enough, the right way, or at all. We each login to so many different sites on a daily basis, with each one supposed to have its own unique password so that even people with photographic memories would have trouble remembering them all.

</Read More>
iStock_000013338789Small-300x199

Crowdfunding Kickstarter Gets Hacked & Other Security Stories This Week

Feb 16, 2014 By Sarah Vonnegut | This week, Kickstarter suffered its’ first major breach with minor consequences, Target’s back in the ring with new reports indicating missed warnings from analysts about the payment systems, the Syrian Electronic Army strikes again, this time hitting Forbes, Internet Explorer suffered critical zero-day exploits and more. Before the next week full of security scares rolls in, take a moment to catch up on the stories you may have missed last week. 

</Read More>
439px-Microsoft_logo.svg_-300x300

Microsoft releases Security Advisory, Windows Users at Risk

Nov 08, 2013 By Sharon Solomon | In a sudden turn of events, Microsoft has released a Security Advisory regarding vulnerability in some of its most common software versions. This security flaw can allow hackers to execute codes remotely by gaining full access to user’s computers.

</Read More>
fotoklein

The Value of Secure Coding Procedures by Don Eijndhoven

Jan 08, 2013 By Administrator | An interesting post by Don Eijndhoven, CEO of Argent Consulting
I recently had a very interesting conversation with Dave Hyman, VP SaaS at Checkmarx, who asked me how I saw the future of cyber security (or information security, take your pick). Now, as I’m sure you´ll agree with me, that’s a fairly abstract question that can go a lot of ways. My friends will confirm that I enjoy waxing philosophical discussions like that, but given what Checkmarx does with a Cloud based solution for code security, that is the direction this talk went. And there really is a lot to say about secure coding practices that I feel doesn’t quite getting the limelight it deserves. Any Information Security course or lesson in Security certification will stress that security should be part of the code design practice rather than being tacked on at a later stage; I couldn´t agree more. Unfortunately, security precautions made in the coding process, which turns a design into a working product, are often overlooked and that is a mistake.

</Read More>

What’s HOT in Application Security Vol #29

Sep 18, 2012 By asaphs | More than half of all companies experienced a security breach in the past year and a half
More than half of all companies in the world experienced some kind of security breach in the past 18 months; worrying statistic, given the level of damage a security breach can do to a company. The statement comes from a report which was released last week dubbed the “Software Security Risk Report”.

</Read More>
microsoft-logo

What’s HOT in Application Security Vol#26

Aug 27, 2012 By asaphs | Microsoft vulnerable to VPN attack
Microsoft’s MS-CHAP v2 (Microsoft Challenge Handshake Authentication Protocol version 2) which is used to authenticate users in PPTP-based (Point-to-Point Tunneling Protocol) VPNs has been shown to be vulnerable to hacks according to reports from the recent Defcon conference.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.