Tag : MitM

eBay-Small

eBay Data Breach: A Big Wake-Up Call for e-Commerce Giants

May 27, 2014 By Sharon Solomon | eBay, the world’s largest and most used eCommerce platform, has suffered a major security breach. More than 100 million users have been affected in what has become this year’s biggest cybercrime so far. It’s still not clear how the intruders gained access to the eBay databases, but this is definitely the right time to bolster application security.
Identity/data theft has become serious problem in recent years. The aforementioned eBay breach is still creating waves as millions of usernames, passwords, phone numbers and physical addresses have been stolen.
“Cyber-attackers compromised a small number of employee log-in credentials, allowing unauthorized access to eBay’s corporate network,” eBay recently commented. “The company is aggressively investigating the matter.”

</Read More>
Viber

Mobile Sunday: Viber Encryption Troubles Putting Millions at Risk

May 04, 2014 By Sharon Solomon | The Viber instant messaging app has become a household name, with over 200 million downloads worldwide. This cross-platform software is also compatible with desktops and provides unique functionality. But researchers at the University of New Haven have now exposed the lack of data encryption in the popular mobile app, a serious security problem. This is the second IM vulnerability exposed by the UNH experts this month, with the previous one being found in the WhatsApp messenger. The Facebook-owned service was found to give away user location in an unencrypted and open form. Viber is now feeling the heat. Hackers can easily perform man-in-the-middle attacks to harvest sensitive user data. Its even possible to retrieve messages including photos, videos and location-related data from the Viber servers.

</Read More>
iStock_000027398631XSmall

Rough 2014 Predicted For Two-Step Verification

Dec 30, 2013 By Sharon Solomon | Two-Step Security is the latest weapon in the battle against cybercrime. More and more major websites are adopting the Double Verification technique to deter hackers from stealing personal data and information. But there is bad news – this method will be rendered ineffective or even useless in 2014.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.