Collaborate Disseminate
OWASP’s API Security Project has released the first edition of its top 10 list of API security risks. The most common and perilous API security risks API abuse is an ongoing problem and is expected to escalate in the coming years, as the number o… Continue reading Security pitfalls to avoid when programming using an API
Google has patched a bug in the Android camera app that allowed other applications to bypass the strict controls on camera and audio access. Continue reading Android camera bug could have turned phones against their users
Security vulnerabilities in personal voice assistant technology would have made it possible for hackers to take photos and videos of users, or track their location without a victims’ knowledge, according to new findings. Flaws in several Android devices opened holes in the Google Assistant and Samsung’s Bixby, according to research published Tuesday by the Israeli security vendor Checkmarx. The issues in Google’s Pixel brand of phones and Samsung’s Galaxy series could have allowed outsiders to record two-way conversations, silence the shutter on a phone’s camera and collect GPS location based on a device’s metadata. Both Google and Samsung say the patch has been available since July in the Play Store. The vulnerabilities show that as new technologies promise more convenience, they can also create new channels that attackers can leverage to infiltrate unwitting users’ devices, or access their information. Researchers proved earlier this month they could intercept Wi-Fi usernames and passwords […]
The post Google, Samsung patch voice assistant flaws that could have allowed access to device’s camera appeared first on CyberScoop.
A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, Checkmarx researchers have discovered. In addition to this, attackers would have al… Continue reading Android camera apps could be hijacked to spy on users
LeapFrog has done lots to fix the security of the LeapPad. Now all that’s left is for parents to scrape Pet Chat off of older tablets. Continue reading Parents, it’s time to delete Pet Chat from your child’s LeapPad
Checkmarx, the Software Exposure Platform for the enterprise, has deployed CxSAST on Project Hosts’ Federal Private Cloud (FPC) FedRAMP-authorized Platform-as-a-Service (PaaS). This deployment facilitates Federal agencies to grant a FedRAMP Moderate or… Continue reading Checkmarx deploys CxSAST on Project Hosts’ FPC FedRAMP-authorized PaaS
Checkmarx, the Software Exposure Platform for the enterprise, unveiled major advancements to accelerate adoption of the most comprehensive, unified software security solution on the market. As the application layer increasingly is the source of success… Continue reading Checkmarx announces enhancements to Software Exposure Platform
Checkmarx formed a strategic partnership with Fishtech Group to enable customers across North America manage software exposure at the speed of DevOps. Working together, Fishtech Group will become a reseller of Checkmarx’s Software Exposure Platform to … Continue reading Checkmarx and Fishtech Group partner to help businesses fight software exposure risk
92 percent of organizations struggle to implement security into the entire DevOps process despite most saying they want to do so – a staggering capability gap exposed in the new, global data report commissioned by Checkmarx. The study spotlights … Continue reading Only 8% of orgs have effective DevSecOps practices
Researchers make an Alexa skill that turns your Echo into a eavesdropper Continue reading Getting an Amazon Echo app to silently eavesdrop on you