Computerworld

Malicious code injection: It’s not just about SQL anymore

The good news: Developers are becoming increasingly aware of the threat posed by SQL injection attacks and the pitfalls of leaving pre vulnerable to such attacks. The bad news: there are other types ...
Dark Reading

Anatomy Of A SQL Injection Attack

[The following is excerpted from "Anatomy Of A SQL Injection Attack," a new report posted this week on Dark Reading's Database Security Tech Center.] It started with a vulnerability on a password ...
Dark Reading

Myth-Busting SQL- And Other Injection Attacks

While different security researchers may haggle over the exact ranking of SQL injection attacks compared to other common maladies, such as XSS and CSRF, few would deny that SQLi and its other ...
ZDNet

Michael Howard on SQL Injection and my concerns on the most recent attacks

So, in catching up with blogs after vacation, I went and had a peak at Michael Howard's web log, and was glad to see another post from him. His posts are very insightful (I just wish he would post ...
Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
TechRepublic

Inferential SQL Injection Attacks

Although SQLIA (SQL Injection Attack) made its first public appearance back in, it still stays one of most serious and prevalent threat types. When used properly, attackers can influence what is ...
TechSpot

F-Secure claims 500,000 sites affected by SQL injection

Serving tech enthusiasts for over 25 years. TechSpot means tech analysis and advice you can trust. Web servers getting hacked seems to be somewhat common these days depending on their exposure, though ...