Dark Reading

Myth-Busting SQL- And Other Injection Attacks

While different security researchers may haggle over the exact ranking of SQL injection attacks compared to other common maladies, such as XSS and CSRF, few would deny that SQLi and its other ...
Dark Reading

Cybercrime's Love Affair With Havij Spells SQL Injection Trouble

Today's exponential increase in attack volume and complexity can largely be chalked up to the cybercriminal's creed of working smarter, not harder. It isn't so much l33t hackers toiling at code for ...
Network World

Three best practices for reducing the risk of SQL injection attacks

This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. SQL injection attacks have been around for more than 10 years. Database security experts know they ...
CSOonline

Why does SQL Injection still exist?

After having spent the last two weeks in Asia I find myself sitting in a hotel room in Tokyo pondering something. I delivered a few talks in Singapore and in Manila and was struck by the fact that ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
dbta

Addressing SAP’s SQL Injection Attacks and Directory Traversal Vulnerabilities

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...