Tag : Yahoo


All You Wanted to Know About the Heartbleed Bug

Apr 10, 2014 By Sharon Solomon | The steep rise in E-commerce and online transactions has made application security a major priority. SSL and TLS protocols were the benchmarks of online safety until recently. Everything changed when Random Storm, a British security company, exposed the Heartbleed bug. This major vulnerability has simply dented the once reliable OpenSSL technology. Hundreds of websites have been at risk since the vulnerability was introduced back in 2011. The extent of damage is not yet known. Millions of passwords, usernames and credit card numbers could have been compromised due to this breach. All CISOs and Security executives are busy re-configuring their networks and changing passwords for sensitive accounts. The panic is justified as more than two-thirds of the servers today completely rely on the OpenSSL protocol as their security backbone.

</Read More>

Your Weekly Security Wrap-Up: Yahoo, Sears, YouTube & More

Mar 02, 2014 By Sarah Vonnegut | Yahoo’s in the news again with a new vulnerability (now fixed) and a starring role, unknown to them, in the Brit’s surveillance methods. With Sears possibly facing another breach and a cache of 360 million user credentials found for sale on the black market, there’s a lot to know about so take a few minutes and catch up on all you may have missed!

</Read More>

Yahoo Mail Hacked. Strong Passwords Now A Necessity

Feb 03, 2014 By Sharon Solomon | While hackers are finding new ways to infiltrate computers and networks, email accounts remain the preferred target for extracting sensitive data. The latest breach was found in the Yahoo email service, which was officially acknowledged and confirmed by the internet company on its Tumblr page.

</Read More>

What’s HOT in Application Security Vol #27

Sep 04, 2012 By asaphs | Could a lack of web application security be affecting your businesses share price?
It has been noted that in larger corporations the linkage of the brand to a string of negative security issues can seriously affect the share price for the worse.

</Read More>

What’s Hot in Application Security Vol #21

Jul 23, 2012 By asaphs | DARPA funded hacking device ready for release
The Defense Advanced Projects Research Agency (DARPA) has just finished funding a new device called The Power Pwn. The new device which is cunningly concealed as a regular power strip is anything but! The new device is actually a Hacking tool for launching remotely-activated WI-Fi, Bluetooth and Ethernet attacks.

</Read More>

Stay Connected

Sign up today & never miss an update from the Checkmarx blog

Follow us on Feedly

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.