Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
CSOonline

SQL injection, XSS vulnerabilities continue to plague organizations

Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies. Despite years topping vulnerability lists, ...
Dark Reading

Hacktivists Continue To Own Systems Through SQL Injection

Twin headlines -- one about a LulzSec hacker indicted last week for charges of running a SQL injection attack against Sony Pictures last year, and the oter about hacktivists with Team GhostShell who ...

SAP Patchday: Critical vulnerabilities allow unauthorized login

SAP addresses 15 new security vulnerabilities in May. Two are considered critical and allow unauthorized login or SQL ...
Threat Post

Epic Games Forums Hacked, SQL Injection Vulnerability Blamed

A SQL injection vulnerability is being blamed in the hack of 800,000 users accounts for popular gaming forums run by Epic Games. Epic Games is warning users of a breach that impacts 800,000 user ...
dbta

Harden Your Applications to Combat SQL Injection

An important aspect of database security is designing your applications to avoid SQL injection attacks. SQL injection is a form of web hacking whereby SQL statements are specified in the fields of a ...
Network World

Three best practices for reducing the risk of SQL injection attacks

This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. SQL injection attacks have been around for more than 10 years. Database security experts know they ...