The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...
Dark Reading

When Mass SQL Injection Worms Evolve...Again

In the past, I've described how mass SQL injection worms took the Web completely by storm. Two years ago, SQL injection attacks evolved from sentient, one-off, targeted data-stealing exploits, like in ...
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
CSOonline

SQL injection Attacks Led to Heartland, Hannaford Breaches

This week’s disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers into paying serious attention to Web ...
TechRepublic

SQL injection attacks: A cheat sheet for business pros

SQL injection has been a major security risk since the early days of the internet. Find out what's at risk, and how cybersecurity pros can defend their organizations. Few things terrify IT security ...