Tag: SDLC

SQL Injection Tutorial: Tackling SQLi with Source Code Analysis

The impact of the Drupal fiasco is still being felt across all industry sectors. The world’s third biggest CMS platform was compromised with arguably the oldest hacking technique in existence – the SQL injection (SQLi). While the Drupal 7.32 update has resolved this specific problem, SQL injections won’t really go away until they are treated from the

The Ultimate List of Open Source Static Code Analysis Security Tools

Doing security the right way demands an army – of developers, security teams, and the tools that each uses to help create and maintain secure code. With the increasingly important mindset of creating quality, secure code from the start, we’ve seen a greater shift towards the adoption of tools designed to detect flaws as

Risks and Rewards in Security: An Interview with Josh Sokol, InfoSec Program Owner and Creator of SimpleRisk

When you’re in the midst of a security issue, getting to the point of feeling on top of security again can seem a million miles away. Because in the end, security is about being aware of what’s going on in your environment and having a proactive approach to dealing with the threats. Being able to

Ensuring your developers love – or at least don’t hate – security

This post originally appeared on SCMagazine.com. By Maty Siman, Checkmarx Founder & CTO. When it comes to an organization’s software security, there’s been a chronic disconnect between the developers who write and build the code and the security teams who audit and enforce the code’s security. This divide historically arose from common misunderstandings: programmers believe that

Learning from the Experts – How JavaScript and HTML5 Vulnerabilities Affect Application Security

Checkmarx recently sponsored an educational webinar to raise Application Security awareness amongst developers and IT professionals. JavaScript and HTML5 were given special attention in the online event hosted by SecureWorld. The aim was to shed some light on the vulnerabilities created by the integration of new features and functionality into the programming languages. Maty Siman

7 Tips For Choosing The Right Tool To Secure Your Application

With more and more leading applications and websites being hacked, internet users are thinking twice before sharing personal information online. With hacktivism, commercial espionage and criminal hackings on the rise, it has become extremely crucial to safeguard databases and make sure that adequate application-layer security is in place. Unfortunately, the responsibility for providing this

No Kidding. 5-Year Old Hacks Dad’s Xbox

Hackers and fraudsters are reaching new levels of effectiveness in locating security glitches. Almost any device that can connect to the internet has been proven to be vulnerable. But this time it’s a 5-year-old American kid who has exposed a glaring vulnerability in the popular Xbox Live online gaming platform.

ATMs Raided With Ploutus as Windows XP Zero Day Approaches

Windows XP will be officially discontinued on 8 April, but the legendary platform is far from becoming extinct. 95% of the world’s ATMs are still powered by the 12-year-old operating system, opening the door for Ploutus attacks. More and more hackers are using SMS messages to steal money. As informed in our previous Windows

Mobile Friday: Ten Commandments of Android Safety

The Android mobile platform has come a long way since its introduction in 2008. Almost 80% of smartphones activated last year (2013) were powered by the “green robot”. But the customizable interface and other open source advantages come at a price. Android is ridden with vulnerabilities. Android’s biggest convenience is also its biggest security issue.

Bitcoin Crashing Due To Steep Rise in Cybercrime

The Bitcoin bandwagon has stalled. The value of the cryptocurrency skyrocketed in 2013, but a downward trend is being witnessed this year. Investors and traders wishing to see Bitcoins in the mainstream e-commerce scene will probably have to wait a little longer. Besides the glaring lack of regulation and worrying price volatility, cybercriminal activity has
