BizTech

A Guide to Combatting SQL Injection Attacks

SQL injection attacks are among the oldest exploits against web applications, dating back more than a decade. Sadly, despite the fact that it is fairly easy to defend against these injection attacks, ...
ZDNet

Developers at fault? SQL Injection attacks lead to wide-spread compromise of IIS servers

There's been a lot of noise and violent thrashing over the last couple days regarding a flaw that was originally believed to be a flaw in Microsoft's IIS (Internet Information Server), but has since ...
ZDNet

Fast-Fluxing SQL injection attacks executed from the Asprox botnet

The botnet masters behind the Asprox botnet have recently started SQL injecting fast-fluxed malicious domains in order to enjoy a decent tactical advantage in an attempt to increase the survivability ...
CSOonline

Critical Magento SQL injection flaw could be targeted by hackers soon

The Magento content management system used by thousands of online shops has received fixes for several serious vulnerabilities, including an unauthenticated SQL injection flaw that’s likely to soon ...
CSOonline

Mesh networks may make SQL injection attacks more persistent

Mass web compromises have typically redirected visitors to a handful of central malware sites, but a peer-to-peer approach will make mass attack more pernicious. Massive website compromises using a ...
Bleeping Computer

75k WordPress sites impacted by critical online course plugin flaws

The WordPress online course plugin 'LearnPress' was vulnerable to multiple critical-severity flaws, including pre-auth SQL injection and local file inclusion. LearnPress is a learning management ...
Ars Technica

Attackers exploit 0-day code-execution flaw in the Sophos firewall

Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other sensitive data, officials with the ...