Dark Reading

Five Ways To Stop Mass SQL Injection Attacks

A new wave of mass SQL injection attacks seen in mid-August to hit over half a million websites, including parts of Apple's site serves as a weighty reminder of the growing prevalence of mass ...
TechRepublic

Analyzing SQL Meta Characters and Preventing SQL Injection Attacks Using Meta Filter

SQL Injection Attacks (SQLIA) are widely used in which an attacker crafts input to the application server to access or modify data on the database server. A common approach for an attacker to launch ...
Dark Reading

Anatomy Of A SQL Injection Attack

[The following is excerpted from "Anatomy Of A SQL Injection Attack," a new report posted this week on Dark Reading's Database Security Tech Center.] It started with a vulnerability on a password ...
Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
Linux Journal

Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites

Drupal is a very widely used open-source content management system. It initially was released in 2001, and recent statistics show Drupal as the third-most popular content management system, with just ...
Ars Technica

How security flaws work: SQL injection

Thirty-one-year-old Laurie Love is currently staring down the possibility of 99 years in prison. Love was recently told he’ll face extradition to the US, where he stands accused of attacking systems ...