Tag : Mobile Security


Pass on Puffchat, A Less Secure Snapchat

Mar 06, 2014 By Sarah Vonnegut | It’s telling enough when a private messenger is found to be leaking user information and the private messages it had promised to keep secure. But when a “secure” alternative to the private messenger has been found to be just as – if not more – risky, the jury is apparently still out on what a secure messaging app actually means.
And that’s where we are today, after the supposed ‘answer’ to hackable Snapchat, Puffchat, has also been found to be highly exploitable. The service, whose Twitter bio describes it as “the texting alternative to Snapchat – The evidence is gone forever,” contains several vulnerabilities, rendering it much less secure than it markets itself as and falsely representing itself.  

</Read More>

Second Major iOS Security Flaw Found, No Update Yet

Feb 25, 2014 By Sarah Vonnegut | Apple is having quite a rough week. While security world is still reeling from this past week’s vulnerability discovery and fix, researchers have identified yet another security flaw in Apple’s iOS that attackers could exploit to remotely monitor a user.
With this newly discovered vulnerability, hackers are able to log a user’s keystrokes, including touch inputs and button uses, using a ‘host’ app. The exploit targets a flaw in iOS’s multitasking capabilities to capture user inputs and send them to a remote server. The attacker could then use the data to recreate every action and character the user inputs.

</Read More>

NSA Uses Angry Birds, Google Maps, & Other ‘Leaky’ Apps To Spy

Jan 28, 2014 By Sarah Vonnegut | We’re already well-informed of just how far-reaching the NSA’s data-tapping techniques are, but newly published leaks have taught us more methods to the NSA-madness. According to new documents furnished by Edward Snowden, the NSA and British-counterpart GCHQ have been tapping into commercial data troves collected by popular smartphone apps like Angry Birds and Google Maps as well as their third party advertisers. The information ranges from your gender to where you’re located to where you’re planning on going – and more.

</Read More>

Top-10 Essential Challenges of Mobile Security

Nov 29, 2013 By Sharon Solomon | Mobile Security has become a crucial aspect of protecting sensitive data and information. Malicious attacks once focused on PC’s have now shifted to mobile phones and applications. Mobile makers are aware of this fact and are investing heavily in security.

</Read More>

What’s HOT in Application Security Vol #40

Jan 14, 2013 By asaphs | Shape Security: Getting Down to the Root of Hacking
When treating an illness, it is generally more effective to treat the source of the problem rather than the symptoms. Shape Security is trying to do the same in the field of website security. While all other products are geared towards a faster, cheaper, and better way of preventing and stopping attackers, Sumit Agarwal, co-founder and vice president of Shape claims that they are “striking at the core mechanics of how those things work and making them harder to do in the future” by focusing on cutting edge attackers and crimeware ecosystem. Basically, it won’t be “offensive security” but defensive security, making it harder and more costly to do any damage.

</Read More>

What’s HOT in Application Security Vol #29

Sep 18, 2012 By asaphs | More than half of all companies experienced a security breach in the past year and a half
More than half of all companies in the world experienced some kind of security breach in the past 18 months; worrying statistic, given the level of damage a security breach can do to a company. The statement comes from a report which was released last week dubbed the “Software Security Risk Report”.

</Read More>

What’s HOT in Application Security Vol #20

Jul 16, 2012 By Administrator | Yahoo left red-faced after SQL injection vulnerability reveals nearly half a million passwords!
A hacking group who name themselves ‘DD3Ds Company’ have, within the last few days leaked 453,492 yahoo text passwords for Yahoo accounts. DD3Ds Company now claim that they attained the passwords by means of SQL injection against a poorly secured Yahoo subdomain. Security experts have named the it as Yahoo Voices.

</Read More>

What’s HOT in Application Security Vol #19

Jul 09, 2012 By Administrator | Cyber Attacks on ATM and online banking are at an all time high
Cyber Attacks which are aimed at online banking applications are at an all time high, according to several security experts. Unsurprisingly, almost one third of all attacks were aimed at banks which reside in the Gulf, where the banks are swelling with oil money and where small amounts of money missing from accounts are likely to go un-noticed.

</Read More>

What’s HOT in Application Security Vol #18

Jul 02, 2012 By Administrator | What are the Top Flaws in Web Applications?
When it comes to security, web applications are consistently the most vulnerable to penetration. Here are some of the top flaws in web applications:

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.