Nuacht

CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
Infosecurity-magazine.com

XSS and SQL Injection Plague Several NMSes

A slew of cross-site scripting (XSS) and SQL injection (SQLi) vulnerabilities that affect several network management system (NMS) products has been uncovered. Security firm Rapid7 has released details ...
Infosecurity-magazine.com

GambleForce Group Targets Websites With SQL Injection

Security researchers have warned of a new threat group targeting gambling, government, retail and travel websites to steal sensitive information including user credentials. Group-IB named the threat ...
Computer Weekly

SQL injection attacks increasing in number, sophistication and potency, researchers find

The prevalence and intensity of SQL injection attacks are increasing, according to Imperva's Hacker Intelligence Initiative (HII) report. The report details how attacks are executed and how hackers ...
Threat Post

Vendor BPC Banking Silent on Patching SQL Injection in SmartVista Ecommerce Software

A popular ecommerce platform sold in 60 countries suffers from a SQL injection vulnerability privately disclosed in April that has yet to be patched by the vendor. A popular ecommerce platform sold in ...