Previous
SQL injection attacks point to need for more secure software
Blog Like an increasing number of such attacks, it exploited weaknesses in web based applications by using the well known technique of ‘SQL injection’ to access and steal 130 million credit card numbers. At a recent (ISC)2 Secure London seminar the...
[August 26, 2009, 18:39]
Web Application Integrity Series: SQL Injection
White Papers This webcast delves into one of the largest web application threats out there, SQL injection, and prepares one with the information needed to keep the company safe. The attendee will gain conceptual overview of SQL injections.
[October 2, 2009, 1:23]
An Anatomy of a Web Hack: SQL Injection Explained
White Papers The nation of SQL injection isn't new, but is still widely misunderstood and many sites are still vulnerable to attack. This paper shows how easy it is to penetrate the average website and gain information about the underlying database structures...
[October 6, 2009, 0:00]
Eliminate SQL Injection Attacks Painlessly With LINQ
White Papers As developers assume more of the security burden, the first web application vulnerability that many developers learn about is a particularly dangerous form of command injection known as SQL injection.
[July 10, 2007, 1:00]
Application Layer Intrusion Detection for SQL Injection
White Papers SQL injection attacks potentially affect all applications, especially web applications, that utilize a database backend. This paper examines the threat from SQL injection attacks, the reasons traditional database access control is not sufficient to...
[June 12, 2008, 1:01]
SQL injection attacks point to need for more secure software
Blog Comment This underlines the sheer stupidity in keeping copy's of customers details for any retailers, I mean the only organizations who should have these details should be the relevant banks to which your cards belong to and thats it.
[August 27, 2009, 1:52]
MSDN Webcast: Protecting Your System From SQL Injection Attacks - Level 200
White Papers SQL injection is one of the most serious threats a database can encounter. By following sound design principles demonstrated in this webcast, SQL injection threats can be minimized. When an application is designed without regard for a comprehensive...
[June 9, 2006, 0:00]
Script kiddies learn grown-up hacking techniques
News SQL injection hacking techniques are starting to be used by script kiddies -- inexperienced hackers with limited technical skills -- who are learning from a growing number of online help guides on database hacking.
[January 13, 2005, 14:10]
Vendor warns of 'Chinese' website attacks
News Security vendor ScanSafe has warned of a wave of SQL injection attacks that has affected over 7,000 web pages. When a user visits a compromised page, their browser is redirected via SQL injection to another page, which in turn loads a second iframe.
[May 20, 2008, 16:54]
Application-Level Attacks: Phishing and Session Hijacking (Level 300)
White Papers This webcast will provide in-depth demonstrations of a variety of Web application hacking techniques such as SQL Injection and Cross Site Scripting (XSS) and show how to identify whether an application is vulnerable to these types of attacks.
[February 11, 2005, 23:00]
Business Bloggers Leave Blogs Open To Hackers
Blog The two main threats bloggers face are comment spam and SQL injection attacks. Both Blogger and Wordpress have been vulnerable to SQL injection attacks, and don’t provide enough care when validating SQL queries.
[November 10, 2008, 7:28]
New attack technique puts Oracle in crosshairs
News It was previously thought that an attacker needed high-level privileges on the database to exploit so-called PL SQL injection vulnerabilities. NGS Software's 'Cursor Injection' paper describes a technique that may assist an attacker in exploitation...
[March 2, 2007, 8:02]
Kaspersky denies data leak following SQL hack
News The hacker claimed to have hacked Kaspersky Labs's databases using an SQL injection attack, which exploits a vulnerability in an application's database layer. Microsoft's UK website came under a similar attack in 2007 when hackers used an SQL...
[February 9, 2009, 7:31]
BusinessWeek site infected by hackers
News The hackers used an increasingly common form of attack called SQL injection, in which a small malicious script is inserted into a database that feeds information to the BusinessWeek website, he said. SQL injection attacks are on the rise primarily...
[September 16, 2008, 12:11]
FUD over ChromeOS's security already?
Blog But as the same release points out (and in doing so rather undermines its argument), most security issues are application- rather than OS-based - Websense cites SQL injection, browser vulnerability and rogue AV.
[July 9, 2009, 12:42]
Acunetix Web Vulnerability Scanner
Downloads Acunetix WVS automatically checks your web applications for SQL Injection, XSS other web vulnerabilities. Ensures your website is secure against web attacks * Automatically checks for SQL injection & Cross site scripting vulnerabilities * Checks...
[December 17, 2008, 7:54]
Three indicted in largest-ever US hacking prosecution
News They used an SQL injection attack to steal the data and used computers in California, Illinois, New Jersey, Latvia, Ukraine and the Netherlands for storing malware and stolen data and launching attacks, according to the indictment.
[August 18, 2009, 9:17]
Tools to be offered for breaking into Oracle databases
News Over the years there have been tons of Oracle exploits, SQL Injection vulnerabilities, and post exploitation tricks and tools that had no order, methodology or standardisation, mainly just random .sql files.
[July 24, 2009, 10:21]
Microsoft to lift lid on hacker conference
News There were talks on SQL injection and database rootkits. SQL injection subverts the application logic, piggybacking attack queries on valid SQL queries. SQL injection is probably today's biggest security issue.
[March 17, 2006, 15:55]
Hacker site claims third security-firm website breach
News F-Secure is "vulnerable to SQL Injection plus Cross Site Scripting," an entry on the HackersBlog site said. SQL-injection attacks, in which a small malicious script is inserted into a database that feeds information to the website, have become very...
[February 12, 2009, 15:31]
