Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
Dark Reading

SQL Injection, XSS Flaws Found In Network Management System Products

Patches are currently available for two of the disclosed vulnerabilities. Two patches are pending from Castle Rock, which has yet to disclose a date when they would become available and Ipswitch, ...
Dark Reading

Five Ways To Stop Mass SQL Injection Attacks

A new wave of mass SQL injection attacks seen in mid-August to hit over half a million websites, including parts of Apple's site serves as a weighty reminder of the growing prevalence of mass ...
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...