Application SecurityCheckmarxHackingIsraelSASTSource Code AnalysisVulnerabilitywebsite security Checkmarx: Challenging The Application Security Field Nov 5, 2013 by Sarah Vonnegut This article originally appeared in Israeli publication The Marker. Read it in Hebrew here. By Jonathan Raveh In a world where security breaches can cause enormous daily losses of up to millions of dollars, companies have started to develop a deeper understanding of what it takes to protect and secure the digital side of their Read More › Application SecurityCheckmarxHackingIsraelSASTSource Code AnalysisVulnerabilitywebsite security
Arab Electronic ArmyBank of AmericaCanadaCitigroupHackersHTML5Innocence of MuslimsJPMrgan Chasse & Co.most common attack vectorsTelventutilitiesWeb Application Securitywebsite security What’s HOT in Application Security Vol #30 Sep 30, 2012 by asaphs Hackers breach major Canadian based control system technology supplier Hackers have within the last few days managed to hack a major Calgary based technology company, Telvent Canada, known to be major suppliers of control systems for electrical grids, public water systems, public transport functions and most of Canada’s oil and pipelines. Insiders say the hacking Read More › Arab Electronic ArmyBank of AmericaCanadaCitigroupHackersHTML5Innocence of MuslimsJPMrgan Chasse & Co.most common attack vectorsTelventutilitiesWeb Application Securitywebsite security
Application SecurityCloud SecurityMobile SecuritySource Code AnalysisSQL InjectionVulnerabilitywebsite security What’s HOT in Application Security Vol #20 Jul 16, 2012 by Checkmarx Yahoo left red-faced after SQL injection vulnerability reveals nearly half a million passwords! A hacking group who name themselves ‘DD3Ds Company’ have, within the last few days leaked 453,492 yahoo text passwords for Yahoo accounts. DD3Ds Company now claim that they attained the passwords by means of SQL injection against a poorly secured Yahoo subdomain. Security Read More › Application SecurityCloud SecurityMobile SecuritySource Code AnalysisSQL InjectionVulnerabilitywebsite security
Application SecurityBest practicesCloud SecurityHackingVulnerabilitywebsite security What’s HOT in Application Security Vol #17 Jun 25, 2012 by Checkmarx PayPal to Grant Money for Reported Vulnerabilities Asking hackers to report security breaches they find without being rewarded doesn’t seem to work. There has to be some kind of an incentive. EBay, Amazon, Sony and now PayPal will provide security researchers who discover vulnerabilities in its website with money prizes. This encourages hackers to search Read More › Application SecurityBest practicesCloud SecurityHackingVulnerabilitywebsite security
Application SecurityBest practicesCloud SecurityData Security BreachHackingLinkedinsocial mediaSQL InjectionVulnerabilitywebsite securityXSS What’s HOT in Application Security Vol #16 Jun 18, 2012 by Checkmarx WHMCS still vulnerable after latest string of attacks WHMCS is a UK supplier of technical support and customer service is yet again the victim of a Ddos attack, due to its inability to mend an already known SQL Injection vulnerability. The embarrassment continued for the company in the days following where a hacker was auctioning Read More › Application SecurityBest practicesCloud SecurityData Security BreachHackingLinkedinsocial mediaSQL InjectionVulnerabilitywebsite securityXSS
Application SecurityAutomationBest practicesData Security BreachSASTSQL Injectionstatic code analysisVulnerabilitywebsite security Coding Security Into Applications – Secure SDLC Jun 4, 2012 by Checkmarx We wanted to share with you an excellent article written by Richard Janezic from midsizeinsider.com that covers the alarming state of application security, and how many of the current security vulnerabilities can be prevented by dedicating more thought into developing a secure coding methodology utilizing technologies that are available in the marketplace and considerably reduce the complexity Read More › Application SecurityAutomationBest practicesData Security BreachSASTSQL Injectionstatic code analysisVulnerabilitywebsite security
Application Securitycase studiesCloud SecurityData Security BreachSource Code Analysiswebsite security What’s HOT in Application Security Vol#13 May 21, 2012 by Checkmarx The High Price of Web Application Security What is the true cost of web application security? One CISO might say ‘My entire security solution cost me $40,000’, another might quote a higher price but many companies will simply answer ‘What is the cost of no application security?’ Read More › Application Securitycase studiesCloud SecurityData Security BreachSource Code Analysiswebsite security
Application SecurityInfographicsMalwareSocialVulnerabilitywebsite security [INFOGRAPHIC] The State of IT Security May 16, 2012 by Checkmarx Source Read More › Application SecurityInfographicsMalwareSocialVulnerabilitywebsite security
Application SecurityCloud SecurityData Security BreachMobile bankingSQL Injectionstatic code analysisVulnerabilitywebsite security What’s Hot in Application Security Vol #11 May 9, 2012 by Checkmarx Is fear in the Cloud misplaced? Who’s afraid of the big bad cloud? Everyone apparently! Corporations, Public Companies; the list is endless. Cloud Security is synonymous with problems. When we consider Cloud Security we think about application security and guarding sensitive data. Cloud Security has been one of the things on the front of the Read More › Application SecurityCloud SecurityData Security BreachMobile bankingSQL Injectionstatic code analysisVulnerabilitywebsite security
Data Security BreachemailphishingVulnerabilitywebsite security 3 Most Common Phishing Scams May 3, 2012 by Checkmarx A recent report by the Securities and Exchange Commission (www.sec.gov), indicates that phishing is on the rise. In fact, phishing is the kind of cybercrime an average user is most likely to encounter on a day-to-day basis. Phishing attacks rely on human vulnerabilities, making them more difficult to defend against when compared to viruses, for example. Although Read More › Data Security BreachemailphishingVulnerabilitywebsite security