SQL injection flaw leaves door wide-open to valuable user information on a...
I wonder why, after being online for so many years, Pirate Bay still had SQL injection vulnerabilities? Did they recently re-engineer their site and forget to sanitize input? This week, a trio of...
View ArticleAnonymous speaks: the inside story of the HBGary hack
It’s been very interesting watching the HBGary vs Anonymous event unravel in such a public way, with such well-known hacker methodology used to compromise the systems of security specialists....
View ArticleSQL Injection galore!
Attention developers, programmers, and hobby websiters – please sanitize your inputs! In this case, the injected SQL is simply updating text fields within the database, to make them include an extra...
View ArticleSecurity Firm Barracuda Networks Embarrassed by Hacker Database Break-in
Even the mighty security firm Barracuda was hacked through the simplest, well-known, and commonly-used exploits. Barracuda’s firewall was accidentally put into passive monitoring mode, which means it...
View ArticleAs SQL Injection Attacks Surge, New Report Offers Insight On How To Prevent Them
Brad Causey at Dark Reading presents a summary of SQL injection, and a whitepaper about how to prevent them. SQL injection has taken its place among the top Web threats and compromised some of the...
View ArticleMass SQL Injection Attack Hits 1 Million Sites
“To have input validation turned off on their Web servers seems crazy,” he says. “There is literally a script feature on ASP.NET that checks input validation, and it’s on by default. These people have...
View ArticleSlide Show: 10 SQL Injection Tools For Database Pwnage
Because having the right tools is half the battle: Black hat hackers and pen testers alike use these tools to dump data, perform privilege escalations, and effectively take over sensitive databases via...
View Article
More Pages to Explore .....