On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...

Microsoft is warning users of a zero-day vulnerability discovered in SQL Server, and that exploits of the flaw have already been published. The software giant yesterday issued a security advisory ...

Workplace security staffs must act fast to iron out kinks in their application code if they want to be fortified against infiltration -- hundreds of thousands of them hammer at those vulnerabilities ...

Microsoft has released an improved security filter for its Internet Information Services (IIS) Web server that is designed to help thwart SQL injection attacks. The free application, called UrlScan ...

Security researchers SecurityBridge, who notified SAP after finding the flaw, described as a “missing input sanitation” vulnerability, which allows unauthenticated threat actors to insert malicious ...

eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More Last September, Errata Security CEO Robert Graham told us ...

Security firm Sophos disclosed on Monday that BusinessWeek magazine's Web site had been hacked. The attack targeted Microsoft's enterprise SQL Server database via insecure Web pages. More than one ...

Microsoft on Friday found itself trying to clarify that it has nothing to do with the poor coding practices that have enabled a massive SQL injection attack to affect Web sites using Microsoft IIS Web ...

Microsoft is claiming that an injection attack vulnerability discovered late last week and made public this week related to the popular business database application SQL, is not the company's fault ...

F-Secure found evidence of yet another massive round of infected Web sites on Thursday, all compromised by SQL injection attacks. Many pundits in the blogosphere were quick to blame Microsoft IIS ...