Tag : Security Vulnerabilities

OpenSSL-Vulnerabilities-01

OpenSSL Vulnerabilities: Takeaways from the Latest Patch

May 06, 2016 By Sarah Vonnegut | The OpenSSL project this week released a series of patches to combat six vulnerabilities that have been discovered as of late, including two high-severity flaws that would give attackers the ability to decrypt HTTPS traffic, execute malicious code on vulnerable servers, and possibly even cause servers to crash. Ironically, one of the flaws was actually inadvertently implemented as part of the fix for the Lucky 13 flaw that was discovered in 2013.

</Read More>
Full-Disclosure-300x300

So You Found A Security Bug – Now What?

Apr 09, 2014 By Sarah Vonnegut | Security vulnerabilities are discovered, reported and fixed every day.  But how can we more easily learn about them, and how can the white-hat hackers that find them keep their finds organized? “I prefer a world where I have all the information I need to assess and protect my own security,” Bruce Schneier wrote in an essay on Full Disclosure in 2007. It’s a need the industry is still working out.
Big issues are usually reported, a perfect example being the Heartbleed OpenSSL vulnerability, but the small flaws go unnoticed by most – and that’s a big problem. Security researcher and auditor Sergey Belov is trying to help mend the gap between securities bugs and the general public with his new site, BugsCollector.com.

</Read More>
Adobe-Flash-Player

Patch It Up Pronto! Critical Zero-Day Update For Adobe Flash

Feb 04, 2014 By Sarah Vonnegut | After discovering a previously unknown remote exploit, Adobe Systems, Inc. has released a critical security patch for Flash Player. They are urging all users to download the latest version as soon as possible.The security bulletin said that the updates are meant to address a critical security vulnerability that would allow a malicious attacker to remotely exploit the affected computer. Adobe said they are aware of reports stating that this exploit exists in the wild.

</Read More>
budget-savings-m

What’s HOT in Application Security Vol#23

Aug 06, 2012 By asaphs | Top security expert notes hackers aiming for cross-platform vulnerabilities
An increasing amount of hackers are aiming to use cross-platform malware to attack both Microsoft and Apple application vulnerabilities. Hackers tend to favor third party applications that run on both Macs and Windows such as Adobe PDF, Adobe Flash, Java as well as others.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.