Statetechmagazine

Vaccinate Your Website Against SQL Injection

Mike Chapple is a teaching professor of IT, analytics and operations at the University of Notre Dame. On Dec. 26, 2007, Albert Gonzalez, a 28-year-old resident of Miami, launched an attack against the ...
ZDNet

Microsoft ships free code auditing tools to thwart SQL injection attacks

On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...
Dark Reading

MOVEit Breach Shows Us SQL Injections Are Still Our Achilles' Heel

In late 1998, when I was just beginning my career in technology, I read in the venerable Phrack magazine how poor input sanitization allowed rain.forest.puppy (the pseudonym used by Jeff Forristal) to ...
Network World

SQL injection attacks led to massive data breaches

The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push retailers to deal with Web application security flaws. This week’s ...
ZDNet

Michael Howard on SQL Injection and my concerns on the most recent attacks

So, in catching up with blogs after vacation, I went and had a peak at Michael Howard's web log, and was glad to see another post from him. His posts are very insightful (I just wish he would post ...
dbta

Harden Your Applications to Combat SQL Injection

An important aspect of database security is designing your applications to avoid SQL injection attacks. SQL injection is a form of web hacking whereby SQL statements are specified in the fields of a ...
Network World

Mass SQL injection attack targets Chinese Web sites

Web sites across China and Taiwan are being hit by a mass SQL injection attack that has implanted malware in thousands of Web sites, according to a security company in Taiwan. Slideshow: SQL ...
Bleeping Computer

Latest SQL Injection news

Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server (EMS) software that can allow attackers to gain remote code execution (RCE) on vulnerable servers. A threat ...
Dark Reading

Security 101: SQL Injection

Many web-facing enterprise applications have databases sitting behind them. For many of those, the application itself is little more than a snazzy user interface sitting on top of a database. And in ...
CSOonline

Why does SQL Injection still exist?

A perfect example is SQL injection as a lurking issue. When an application is rushed out the door there is a real chance that problems will be introduced that can lead to a data breach. The headlines ...
eWeek

SQL Injection Attack Exposes Comodo Partner Customer Data

eSpeaks host Corey Noles sits down with Qualcomm's Craig Tellalian to explore a workplace computing transformation: the rise of AI-ready PCs. Matt Hillary, VP of Security and CISO at Drata, details ...