News | Checkmarx Application Security

Checkmarx.com

News

Your one stop for the latest application security articles, stories, and trends. Stay on top of the news and know what’s happening, both at Checkmarx and in the industry at large.

News

Alexa Skill Developed to Eavesdrop on Conversations, Amazon Fixes Vulnerability
May 7, 2018

The researchers at cyber-security company Checkmarx hid the malicious application in a simple calculator skill that is meant to solve common mathematics problems. While Alexa is designed to process commands after hearing... Read More

Researchers found a way to hack Amazon’s Alexa: report
May 7, 2018

Independent Women’s Forum’s Nan Hayworth and Democratic strategist Wendy Osefo discuss the report that researchers discovered a way to hack Amazon’s Alexa. Read More

This ‘Skill’ Can Trick Amazon Alexa Into Eavesdropping For Hackers
May 7, 2018

Ateam of security researchers at Checkmarx have created a “skill” that can turn Amazon’s virtual assistant Alexa into an eavesdropping device. It abuses the built-in request capabilities of the device to record your conversation... Read More

Amazon’s Alexa Hacked To Surreptitiously Record Everything It Hears
May 7, 2018

Voice-activated assistants like Amazon’s Alexa and the Google Assistant are convenient and powerful tools for getting information and carrying out tasks. They also raise privacy questions because they record their interactions with the... Read More

Researchers say they tricked Alexa into spying on them
May 7, 2018

Researchers at security firm Checkmarx say they built a proof-of-concept skill for Amazon’s Echo devices that in theory could have voice assistant Alexa listen to, transcribe, and report what users said after... Read More

Researchers Find Amazon Alexa Can Be Hacked to Record Users
May 7, 2018

On April 25, security firm Checkmarx publicly disclosed that it has found that a malicious developer can trick Amazon's Alexa voice assistant technology to record everything a user says. At... Read More

Amazon fixed an exploit that allowed Alexa to listen all the time
May 7, 2018

Amazon's Alexa is good at listening, since it has to be ready when you say its wake word, like "Alexa," "Echo" or "Computer." That very same feature, though, has people... Read More

Amazon has fixed a bug that allowed hackers to listen in on Alexa devices
May 7, 2018

Checkmarx was able to create a skill that allowed hackers to listen in on Echo devices and their users’ conversations. Amazon fixed the problem earlier this month, but the incident... Read More

Amazon Alexa is Hacked, Again; The Security of Users’ Personal Info Is Questioned
May 7, 2018

As per Checkmarx Researchers, they were able to manipulate code within a built-in Alexa JavaScript library (ShouldEndSession) to pull off the hack. The JavaScript library is tied to Alexa’s orders to... Read More

Is Alexa spying on YOU? Security researchers reveal how the assistant’s code could be tweaked to create new ‘skill’ that lets it eavesdrop
May 7, 2018

Researchers at cybersecurity firm Checkmarx created what seemed to be a harmless calculator skill, or an application used for the voice-activated assistant, that would secretly record long after a user... Read More

Amazon’s Alexa had a flaw that let eavesdroppers listen in
May 7, 2018

Alexa is a good listener -- so good, in fact, that researchers discovered a way to have it record audio indefinitely. Amazon's smart voice assistant had a coding flaw that... Read More

Amazon’s Alexa had a slight eavesdropping flaw
May 7, 2018

Researchers at the security firm CheckMarx discovered a security flaw in Amazon's Alexa voice enabled digital personal assistant that could have been used to eavesdrop and transcribe any ambient conversation. But, there are caveats: The flaw requires a user to not only install, but also run a malicious app on Alexa,... Read More

Flaw let Amazon Alexa record users without knowing
April 29, 2018

Researchers at cybersecurity firm Checkmarx say they found a flaw that could have let the smart speaker record users without them knowing it. Read More

2018 Security 100: 20 Coolest Web, Email And Application Security Vendors
March 7, 2018

Checkmarx in July unveiled its acquisition of Codebashing, an application security education company built by developers that uses gamification to train other developers. One month later, the company released an interactive application security testing platform that enables dynamic and continuous testing in real time with zero scan time, outstanding accuracy... Read More

Tinder Flaw Lets Anyone Snoop on Your Swipes
January 24, 2018

Israeli security firm Checkmarx released a report on the subject, entitled “Are You on Tinder? Someone May Be Watching You Swipe.” The paper covers two distinct and potentially troubling flaws. The first takes advantage of unsecured Tinder protocols; the second can discern what happens behind secured connections with a little... Read More

Tinder app can let people see who you match with and swipe left or right on
January 24, 2018

The vulnerabilities were uncovered by cyber security firm Checkmarx, which describes them as “disturbing”. It discovered that the Tinder app lacks basic HTTPS encryption for profile pictures, allowing anyone using... Read More

Hackers can see and edit your Tinder pictures and matches simply by joining the same Wi-Fi network as you
January 24, 2018

Researchers from Checkmarx have released a report titled ‘Are You on Tinder? Someone May Be Watching You Swipe’ in which they explain Tinder’s lack of HTTPS encryption. The researchers built... Read More

Tinder user? Lack of encryption means stalkers can watch you at it…
January 24, 2018

Dismiss it as a cheesy idea if you like, but Tinder claims to process 1,600,000,000 swipes a day and to set up 1,000,000 dates a week. At more than 11,000... Read More

Your Tinder secrets could be EXPOSED: Massive security flaws in the app could let strangers hijack your photos, spy on your swipes and see pictures of all your matches
January 24, 2018

Researchers from Tel Aviv-based security firm Checkmarx found it is possible for a hacker to take control of profile pictures and swap them for inappropriate content and rogue advertising. One... Read More

Tinder’s Non-Existent Encryption Means Someone Could Be Watching Your Swipes
January 24, 2018

Researchers from an app security firm have made a rather worrying discovery about how encrypted certain parts of the dating app Tinder are. The Tel Aviv-based firm Checkmarx discovered that if they were on... Read More

Skip to content