SQL injection has been a major security risk since the early days of the internet. Find out what's at risk, and how cybersecurity pros can defend their organizations. Few things terrify IT security ...

[The following is excerpted from "Anatomy Of A SQL Injection Attack," a new report posted this week on Dark Reading's Database Security Tech Center.] It started with a vulnerability on a password ...

Even many years after gaining prominence as one of the most popular and convenient ways for criminals to break into corporate databases through vulnerable web applications, SQL injection still remains ...

On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...

SQL injection attacks are among the oldest exploits against web applications, dating back more than a decade. Sadly, despite the fact that it is fairly easy to defend against these injection attacks, ...

After having spent the last two weeks in Asia I find myself sitting in a hotel room in Tokyo pondering something. I delivered a few talks in Singapore and in Manila and was struck by the fact that ...

The huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks and could finally push retailers to deal with Web application security flaws. This week’s ...

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...

Mike Chapple is a teaching professor of IT, analytics and operations at the University of Notre Dame. On Dec. 26, 2007, Albert Gonzalez, a 28-year-old resident of Miami, launched an attack against the ...