Infosecurity-magazine.com

SQL injection attack leads to command execution

Thus far, SQL injection has focused on altering data within the database, rather than attacking the underlying operating system. But researcher Bernardo Damele Assumpcao Guimaraes will be upgrading ...
Threat Post

SQL injection tactics revealed

SQL injection attacks have become the most reliable way for hackers to gain access to valuable data on back-end systems, with many high-profile Web sites falling victim to the technique over the last ...
Ars Technica

Newly detected SQL injection attack snags Apple in wide net

A new series of mass SQL injection attacks has planted links to malware sites and hidden iframes in over a million webpages, including parts of Apple’s website. The technique is similar to a standard ...
Bleeping Computer

CISA urges devs to weed out OS command injection vulnerabilities

CISA and the FBI urged software companies on Wednesday to review their products and eliminate path OS command injection vulnerabilities before shipping. Velvet Ant, the Chinese state-sponsored threat ...
Ars Technica

Google crawler tricked into performing SQL injection attacks using decade-old technique

Daniel Cid, a developer of a cloud-based firewall/proxy system, was surprised to discover that his product was blocking requests from Google-owned IP addresses. This was unusual, because few websites ...
ZDNet

SQL injection attacks up 69%

SQL injection attacks are becoming significantly more popular amongst hackers, according to recent data. Between Q1 2012 and Q2 2012, there has been an estimated 69 percent increase of this attack ...