Checkmarx – Page 6 – WindowsTechs.com

Android camera bug could have turned phones against their users

Posted on November 21, 2019 by Danny Bradbury

Google has patched a bug in the Android camera app that allowed other applications to bypass the strict controls on camera and audio access. Continue reading Android camera bug could have turned phones against their users→

Google, Samsung patch voice assistant flaws that could have allowed access to device’s camera

Posted on November 19, 2019 by Jeff Stone

Security vulnerabilities in personal voice assistant technology would have made it possible for hackers to take photos and videos of users, or track their location without a victims’ knowledge, according to new findings. Flaws in several Android devices opened holes in the Google Assistant and Samsung’s Bixby, according to research published Tuesday by the Israeli security vendor Checkmarx. The issues in Google’s Pixel brand of phones and Samsung’s Galaxy series could have allowed outsiders to record two-way conversations, silence the shutter on a phone’s camera and collect GPS location based on a device’s metadata. Both Google and Samsung say the patch has been available since July in the Play Store. The vulnerabilities show that as new technologies promise more convenience, they can also create new channels that attackers can leverage to infiltrate unwitting users’ devices, or access their information. Researchers proved earlier this month they could intercept Wi-Fi usernames and passwords […]

The post Google, Samsung patch voice assistant flaws that could have allowed access to device’s camera appeared first on CyberScoop.

Continue reading Google, Samsung patch voice assistant flaws that could have allowed access to device’s camera→

Android camera apps could be hijacked to spy on users

Posted on November 19, 2019 by Zeljka Zorz

A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, Checkmarx researchers have discovered. In addition to this, attackers would have al… Continue reading Android camera apps could be hijacked to spy on users→

Parents, it’s time to delete Pet Chat from your child’s LeapPad

Posted on August 9, 2019 by Lisa Vaas

LeapFrog has done lots to fix the security of the LeapPad. Now all that’s left is for parents to scrape Pet Chat off of older tablets. Continue reading Parents, it’s time to delete Pet Chat from your child’s LeapPad→

Checkmarx deploys CxSAST on Project Hosts’ FPC FedRAMP-authorized PaaS

Posted on May 20, 2019 by Industry News

Checkmarx, the Software Exposure Platform for the enterprise, has deployed CxSAST on Project Hosts’ Federal Private Cloud (FPC) FedRAMP-authorized Platform-as-a-Service (PaaS). This deployment facilitates Federal agencies to grant a FedRAMP Moderate or… Continue reading Checkmarx deploys CxSAST on Project Hosts’ FPC FedRAMP-authorized PaaS→

Checkmarx announces enhancements to Software Exposure Platform

Posted on March 8, 2019 by Industry News

Checkmarx, the Software Exposure Platform for the enterprise, unveiled major advancements to accelerate adoption of the most comprehensive, unified software security solution on the market. As the application layer increasingly is the source of success… Continue reading Checkmarx announces enhancements to Software Exposure Platform→

Checkmarx and Fishtech Group partner to help businesses fight software exposure risk

Posted on October 24, 2018 by Industry News

Checkmarx formed a strategic partnership with Fishtech Group to enable customers across North America manage software exposure at the speed of DevOps. Working together, Fishtech Group will become a reseller of Checkmarx’s Software Exposure Platform to … Continue reading Checkmarx and Fishtech Group partner to help businesses fight software exposure risk→

Only 8% of orgs have effective DevSecOps practices

Posted on August 8, 2018 by Help Net Security

92 percent of organizations struggle to implement security into the entire DevOps process despite most saying they want to do so – a staggering capability gap exposed in the new, global data report commissioned by Checkmarx. The study spotlights … Continue reading Only 8% of orgs have effective DevSecOps practices→

Getting an Amazon Echo app to silently eavesdrop on you

Posted on April 27, 2018 by Lisa Vaas

Researchers make an Alexa skill that turns your Echo into a eavesdropper Continue reading Getting an Amazon Echo app to silently eavesdrop on you→

Researchers found a semi-legit way to turn an Amazon Echo into a wiretap

Posted on April 26, 2018 by Chris Bing

An Amazon Echo application created by security researchers proves how the popular smart home device can be co-opted to remotely listen to people’s nearby conversations, according to cybersecurity firm CheckMarx. The research describes how an inherent design flaw in the Amazon Echo could be exploited to covertly and remotely launch the Alexa voice assistant on compromised devices. Alexa was engineered to be able to record and react to voice commands within a predetermined distance from the device. During their controlled experiment, CheckMarx researchers disguised a malicious Echo skill by marketing it as a voice-enabled calculator application that leverages Alexa to execute certain commands. “It can be done totally remotely,” said Erez Yalon, manager of application security research at Checkmarx. “While a hacker creates a malicious skill and publish it to the Amazon store, every user that will use this Amazon skill is exposed.” CheckMarx says the trick didn’t “break or hack […]

The post Researchers found a semi-legit way to turn an Amazon Echo into a wiretap appeared first on Cyberscoop.

Continue reading Researchers found a semi-legit way to turn an Amazon Echo into a wiretap→