News
News
This is how I convinced the CEO of Salesforce to invest in our startup
September 12, 2022Checkmarx consistently challenges the boundaries of application security, to make application security easy and natural for the software developer community; and at the same time give CISOs the ability and... Read More
JuiceLedger Hacker Linked to First Phishing Campaign Targeting PyPI Users
September 2, 2022A new advisory by SentinelLabs and Checkmarx has linked a threat actor called ‘JuiceLedger’ to the first known phishing campaign targeting Python Package Index (PyPI) users. Read More
Actors behind PyPI supply chain attack have been active since late 2021
September 1, 2022The official software repository for the Python language, Python Package Index (PyPI), has been targeted in a complex supply chain attack that appears to have successfully poisoned at least two legitimate... Read More
The security flaw that Python developers should be aware of
August 29, 2022Security firm Checkmarx found that one in three software packages from PyPI contains a flaw that can lead to malicious code being automatically installed. Read More
RING OF FIRE: Millions of Ring doorbell owners warned of ‘high severity’ bug – check your app now
August 23, 2022A 'HIGH severity' app blunder put Ring doorbell video recordings at risk, it's been revealed. Tech giant Amazon quietly updated the Ring app for Android in May to fix the security slip-up. Read More
Amazon’s Ring Patches Flaw That Could’ve Let Hackers Access Camera Footage
August 18, 2022Earlier this year, security researchers uncovered a way to access a customer’s Ring security camera footage by hacking the Android app for the service. On Thursday, cybersecurity vendor Checkmarx disclosed(Opens in a new... Read More
Amazon Ring vulnerability could have been used to spy on users
August 18, 2022Amazon has patched a vulnerability in the Ring Android application which, left unchecked, had the potential to expose the personal data of Ring product owners, including their video recordings and location data,... Read More
Ring patched an Android bug that could have exposed video footage
August 18, 2022Amazon quietly but quickly patched a vulnerability in its Ring app that could have exposed users' camera recordings and other data, according to security firm Checkmarx. Read More
Amazon’s Ring quietly fixed security flaw that put users’ camera recordings at risk of exposure
August 18, 2022Amazon-owned Ring quietly fixed a “high-severity” security vulnerability in May that could have allowed malicious actors to access camera recordings from Ring video doorbells and extract users’ personal data. Read More
Black Hat 2022 Reveals Enterprise Security Trends
August 15, 2022The blast radius of cyberattacks on an enterprise is projected to keep growing, extending several layers deep into software supply chains, devops and tech stacks. Black Hat 2022’s presentations and announcements for enterprise security provide a sobering look at how enterprises’ tech stacks are at risk of more complex, devastating cyberattacks. Held last week... Read More
Top cybersecurity products unveiled at Black Hat 2022
August 11, 2022Zero trust security management, extended detection and response (XDR), and a host of other threat and vulnerability management offerings were among the top products and services launched at Black Hat USA 2022 this week in Las Vegas. Read More
Checkmarx API Security identifies shadow and zombie APIs during software development
August 11, 2022In Las Vegas, at Black Hat USA 2022, Checkmarx has released Checkmarx API Security, the “shift-left” API security solution. Building on the launch of Checkmarx Fusion, which prioritizes and correlates vulnerability data from... Read More
35K Malicious Code Insertions in GitHub: Attack or Bug-Bounty Effort?
August 4, 2022A hacker going by the handle "Pl0xP" cloned a large number of GitHub repositories and slightly changed the cloned repository names, in a typosquatting effort to impersonate legitimate projects —... Read More
Cybersecurity Startups Make Waves at RSAC 2022
June 9, 2022RSA Conference 2022 showcased cybersecurity startups vying for a foothold in the crowded market. Here’s a roundup of the top announcements. Read More
Checkmarx Fusion Released
June 8, 2022Checkmarx announced the availability of Checkmarx Fusion, a context-aware correlation engine that enables full visibility into applications, component interactions, and bills of materials. Read More
Hottest new cybersecurity products at RSA 2022
June 8, 2022The annual RSA Conference is an opportunity for companies to showcase their latest cybersecurity products. Here are some of the most interesting new products being shown at RSA Conference 2022. Read More
2022 Women of the Channel Awards
May 10, 2022This year, CRN honors nearly 1400 women whose channel expertise and vision are deserving of recognition. The Most Powerful Women Of The Channel 2022: Power 100 > The Power 100 is culled from the ranks of CRN’s Women of the Channel and spotlights the female executives at vendors and distributors... Read More
DevSecOps: como integrar desenvolvimento, segurança e operações?
May 10, 2022O cenário da infraestrutura de TI passou por mudanças exponenciais na última década. A migração para plataformas ágeis de computação em nuvem, armazenamento, dados compartilhados e aplicativos dinâmicos trouxe enormes... Read More
Checkmarx Report Highlights Need for AppSec Collaboration
May 9, 2022A research report published by Checkmarx finds the same basic malicious software developed using multiple programming languages as cyberattackers industrialize their malware development processes. Read More
World Password Day helps to raise security awareness
May 5, 2022The death of the password is something that has been predicted for a very long time. But the venerable means of securing our accounts still clings tenaciously to life. Today's World Password Day is designed to raise awareness of the continued importance of passwords and the need -- where we do still... Read More
