Computer Weekly

Raising risk prospects with a new SQL injection threat

LAS VEGAS -- With so much attention focused on database security these days, organizations should be aware that the latest SQL injection threat, called an inference attack, may be able to deliver up ...
Dark Reading

Security 101: SQL Injection

Many web-facing enterprise applications have databases sitting behind them. For many of those, the application itself is little more than a snazzy user interface sitting on top of a database. And in ...
Computerworld

Malicious code injection: It’s not just about SQL anymore

The good news: Developers are becoming increasingly aware of the threat posed by SQL injection attacks and the pitfalls of leaving pre vulnerable to such attacks. The bad news: there are other types ...
Ars Technica

How security flaws work: SQL injection

A massive effort should be launched to downvote or outright remove answers that suggest string concatenation of SQL statements from places like StackOverflow and other forums.
Dark Reading

Mass SQL Injection Attack Hits 1 Million Sites

A mass-injection attack similar to the highly publicized LizaMoon attacks this past spring has infected more than 1 million ASP.NET Web pages, Armorize researchers said today. According to database ...
Bleeping Computer

PoC exploits released for critical bugs in popular WordPress plugins

Three popular WordPress plugins with tens of thousands of active installations are vulnerable to high-severity or critical SQL injection vulnerabilities, with proof-of-concept exploits now publicly ...