Proofpoint International, Inc, Taiwan Branch

Proofpoint International, Inc, Taiwan Branch February 3, 2013 Product Announcements / CodeSecure™ Announcements

Armorize Release CS 5.0.0-GA

 

Version 5.0.0-GA is our first GA(general access) release for new generation SCA product developed by Armorize. We treat it as a different product compared with CodeSecure-V4.

 

We have new core-engine design and new DB solution for heavy users. Since V5 is a new product generation for CodeSecure, the current CodeSecure-V4 users cannot run the V5 with your current V4 license. We also provide smart setting for users to enable multi-threading scans to improve the working performance. We'll also upgrade our PHP module to support PHP5.3+ and CodeIgniter framework with next official release for CodeSecure-V5. Welcome to contact our sales team to get the advanced information about the new product spec of CodeSecure-V5.

 

Release History

‧    Release CodeSecure-V5.0.0-Beta on 2012.12.13.

 

New Features

‧    Enable concurrent scan feature with CodeSecure-V5. There's a smart setting for this feature to provide multi-threading solution for end users to run scan efficiently.

‧    A new analyzer default solution to provide efficient analysis.

 

Improvement

‧    We have improved Installation and Upgrade process for users on Linux and Windows.

‧    Improved UI solution to highlight insufficiency of memory allocation.

‧    Added some descriptions to introduce the meaning of some charts in our report.

‧    Completed the fine-tuning tasks for core-engine to run with Java1.7.

‧    Added a "Save Settings" button in the Scan Settings page.

‧    Completed the database enhancement for data transaction.

‧    Completed tp improve Entry-point Function coverage for struts DispatchAction.

‧    We have a new UI solution to improve the setting flow for Role/Permission control features.

 

Bug Fixes – Core Engine-PHP

‧    PHP module does not recognize different casing for <script> tag. This has been fixed.

 

Bug Fixes – Web UI

‧    The Cfg content can't be delete when editing Cfg Information. This has been fixed.

‧    Since KDC is not working with a safe protocol, and there's some revision concerns, we remove the KDC support from CodeSecure-V5.

‧    There's a wrong design with some setting of vulnerability validator and filter. This has been fixed.

‧    Administrator (admin) may lock his own account when he has a wrong setting on UI. This has been fixed.

‧    The Scan Policies setting can't update in real-time if the user selected the non-default languages. This has  been fixed.

 

Known Issues

‧    Unable to submit large amount of predefined text via UI with the browser IE9.

‧    In Linux environment, UI can't displayed warning message for a duplicated report configuration.

‧    For some special PHP case, we may lost one or two for different scans without any vulnerability fixed. It will not effect the fix policy and fix suggestion for end users since the entry-points and vulnerable statements are still the same. We'll make it always consistent with next release.

Proofpoint International, Inc, Taiwan Branch July 3, 2011 Tutorials, FAQs, Resources / Armorize Company Announcements

Reuters: Research and Markets: The Static Application Security Testing (SAST) Market in the APAC Region to Grow At A CAGR Of 36.1 Percent over the Period 2010-2014, November 15, 2011

Sunherald: Research and Markets: The Static Application Security Testing (SAST) Market in the APAC Region to Grow At A CAGR Of 36.1 Percent over the Period 2010-2014, November 15, 2011

ABC News: Internet Risk: Online Ads That Carry Computer Viruses and Other Malware, November 06, 2011

CRM Daily: 'Malvertisements' Take a Toll on Businesses, Consumers, November 04, 2011

CIO Today: 'Malvertisements' Take a Toll on Businesses, Consumers, November 04, 2011

USA Today: How malicious ads inundate the Web, November 02, 2011

USA Today: Uptick in tainted ads hurts consumers, advertisers, November 02, 2011

The Last Watchdog: Symantec’s new tool helps publishers spot 'malvertisements', November 02, 2011

The Last Watchdog: Ten-fold rise in malicious ads bedevils publishers, consumers, November 02, 2011

 Help Net Security: New mass SQL injection attack making rounds, October 24, 2011

LetsByteCode: Massive SQL-injection raised a million sites, October 21, 2011

SC magazine: ASP.NET attacks growing in reach, October 20, 2011

Computer World UK: Massive SQL injection attack compromises 180,000 ASP.Net sites, October 20, 2011

eWeek: Massive SQL Injection Attack Hits A Million Pages, October 20, 2011

Computing UK: Researchers discover new mass malware infection, October 20, 2011

ZDNet: Over a million web sites affected in mass SQL injection attack, October 19, 2011

NetworkWorld: Massive SQL injection attack has compromised nearly 200,000 ASP.Net sites, October 19, 2011

ThreatPost: Mass Injection Attack Targets ASP.NET Sites, October 19, 2011

DarkReading: Mass SQL Injection Attack Hits 1 Million Sites, October 19, 2011

ComputerWorld: Massive SQL injection attack has comprised nearly 200,000 ASP.Net sites, October 19, 2011

Security Asia: kickass torrents seeds malware, October 19, 2011

Rafay: Mass ASP.Net SQL Injection Infects Thousands Of Websites, October 19, 2011

The Hacker News: Million ASP.Net web sites affected with mass SQL injection attack, October 19, 2011

SC Magazine: Battling 'malvertising' with Symantec and Armorize, October 18, 2011

Computer World: Scareware spread from popular torrent site via malvertizing, October 18, 2011

Telecom Paper: Symantec Unveils AdVantage cloud-based service, October 18, 2011

IT World: Scareware spread from popular torrent site via malvertising, October 17, 2011

Network World: Scareware spread from popular torrent site via malvertising, October 17, 2011

Computer Technology Review: Symantec debuts new service for online publishers alarmed with malicious advertising, October 17, 2011

The New New Internet: Symantec’s AdVantage Helps Online Publishers Avoid Malvertising, October 17, 2011

CSO: Scareware Spread From Popular Torrent Site Via Malvertizing, October 17, 2011

Softpedia: Security Sphere Returns to Exploit KickAssTorrents, October 17, 2011

IT News: Scareware spread from popular torrent site via malvertizing, October 17, 2011

eWeek: Symantec, Armorize Partner on Scanner That Detects Malware-Tainted Web Ads, October 17, 2011

PCWorld: Scareware Spread From Popular Torrent Site via 'Malvertizing', October 17, 2011

CIO: Scareware Spread From Popular Torrent Site Via Malvertizing, October 17, 2011

SecurityWeek: Symantec Unveils Anti-Malvertising Solution Powered by Armorize, October 17, 2011

Softpedia: Symantec and Armorize Release Malicious Advertisement Detector, October 17, 2011

The Hacker News: Armorize Partners With Symantec to Provide Powerful Anti-Malvertising Technology, October 17, 2011

Help Net Security: Symantec tackles malicious advertising, October 17, 2011

The Register: Mass ASP.NET attack causes websites to turn on visitors, October 14, 2011

Softpedia: 300,000 Websites Fall Victim to ASP Mass Infection, October 13, 2011

Spam Fighter: Hackers Infiltrate MySQL.com for Pushing Malware, October 04, 2011

Computer World: MySQL.com hacked to serve malware, September 27, 2011

ZDNet UK: Hackers place Windows malware on MySQL site, September 27, 2011

THe H Security: MySQL.com hacked to serve malware, September 27, 2011

Hack Illusion: Beware: Mysql.Com Infects Visitors With Malware, September 27, 2011

Computing UK: MySql.com serves malware following hack, September 27, 2011

SC Magazine: MySQL.com hacked, September 27, 2011

CIO Australia: MySQL.com hacked to serve malware , September 27, 2011

Computerworld Australia: MySQL.com hacked to serve malware, September 27, 2011

News4geeks: MySQL.com hacked to server malware, September 27, 2011

PCWorld: MySQL.com Hacked to Serve Malware, September 27, 2011

ZDNet: Hacked MySQL.com used to serve Windows malware, September 27, 2011

Network World: MySQL.Com Website Hacked, September 26, 2011

OSNews: MySQL.com Hacked to Serve Malware, September 26, 2011

Voice of Grey Hat: MYSQL.com Compromised & Giving Malware Warning, September 26, 2011

Ars Technica: Hackers turn MySQL.com into malware launchpad, September 26, 2011

BetaNews: mysql.com hacked and serving malware, stolen data sold on hacker forums, September 26, 2011

CIO: MySQL.Com Hacked to Serve Malware, September 26, 2011

Cnet: Hacked MySQL.com used to serve Windows malware, September 26, 2011

Computer Weekly: MySQL.com hack serves up malware to site visitors, September 26, 2011

Dark Reading: MySQL Site Compromised To Serve Up BlackHole Exploits, September 26, 2011

eWeek: Attackers Subvert MySQL.com With BlackHole Exploit Kit to Serve Malware, September 26, 2011

Help Net Security: Mysql.com hacked, serving malware, September 26, 2011

InfoWorld: MySQL.com hacked to serve malware, September 26, 2011

Krebs on Security: MySQL.com Sold for $3k, Serves Malware, September 26, 2011

NetworkWorld: MySQL.Com Website Hacked, September 26, 2011

Naked Security: MySQL.com hacked for second time in a year, September 26, 2011

SecurityWeek: MySQL.com Hacked: Cybercriminals Use Popular Open Source Site to Spread Malware, September 26, 2011

Slashdot: Mysql.com Hacked, Made To Serve Malware, September 26, 2011

Threat Post: MySql.com Site Hacked, Was Serving Malware, September 26, 2011

The Register: MySQL.com breach leaves visitors exposed to malware, September 26, 2011

TechWorld: MySQL.com hacked to serve malware, September 26, 2011

ZDNet: MySQL.com hacked, redirects users to malware-laden sites, September 26, 2011

MSNBC: Armorize Technologies, Inc. Releases Free Community Edition of Its Source Code Analysis Tool to Benefit Non-Commercial..., August 30, 2011

Reuters: Armorize Technologies, Inc. Releases Free Community Edition of Its Source Code Analysis Tool to Benefit Non-Commercial..., August 30, 2011

Softpedia: Malvertizing Spotted on Google's DoubleClick, August 26, 2011

Help Net Security: Mass injection attack compromised 20,000+ domains, delivers fake AV, August 18, 2011

Softpedia: New Mass Injection Attack Infects over 20K Websites, August 17, 2011

The Register: Attack targeting open-source web app keeps growing, August 13, 2011

USA Today: Millions of Web pages are hacker landmines, August 11, 2011

CIO UK: New malware infects more than six million web pages, August 11, 2011

Dark Reading: 'Willysy' osCommerce Injection Attack Affects More Than 8 Million Pages, August 09, 2011

eWeek: Malware Wave Infects Six Million e-Commerce Pages, August 08, 2011

PC Magazine: Millions of e-commerce Sites Hacked to Serve Malware, August 08, 2011

TechWorld: Willysy malware infects millions of e-commerce sites, August 08, 2011

ihotdesk: Malware reaches 6m pages in two weeks, August 08, 2011

GEV: Malware “Willysy” Infects More than 6 Million E-Commerce Web Pages, August 07, 2011

PC World: Speedy Malware Infects More than 6 Million Web Pages, August 06, 2011

Spam Fighter: Armorize Unleash Massive Iframe Injection Assault, August 05, 2011

Kerbs on Security: Is That a Virus in Your Shopping Cart?, August 05, 2011

ThreatPost: Massive Injection Campaign Affecting More Than Six Million Pages, August 4, 2011

Anti-Malware: Malware attack targets unpatched osCommerce websites, August 04, 2011

The H Security: Millions of osCommerce stores hacked, August 03, 2011

AVG: Massive iframe attack hits more than 100,000 web sites, August 02, 2011

HK Cert: Mass Injection Attacks Targeting osCommerce Vulnerabilities, August 02, 2011

The Register: Malware attack spreads to 5 million pages (and counting), August 02, 2011

Kriterium: iFrame Attack Infects More Than 300,000 osCommerce Sites, August 01, 2011

Softpedia: Number of osCommerce Infected Pages Raises to Millions in Under a Week, August 01, 2011

SC Magazine: Mass injection campaign affects 3.8 million pages, August 01, 2011

The Tech Herald: osCommerce-based mass injection now 3.79 million pages strong, August 01, 2011

Help Net Security: Mass iFrame injection attack now counts millions of compromised web pages, August 01, 2011

Linux Today: E-commerce sites based on open source code under attack, August 01, 2011