Dark Reading

A Weapon Against SQL Injection

The single most common database security inquiry I get is, "What's this whole stored procedure parameter thing, and how does it help with SQL injection?"With the Albert Gonzales hearings under way, ...
InfoWorld

Video: How to hack PHP sites with SQL injection

PHP is a very handy — and widespread — Web programming language. But as Tom Scott demonstrates in the video below, it’s also quite vulnerable to a basic SQL injection attack that could give a hacker ...
eWeek

DB Networks Looks to Detect SQL Injection With New Appliance

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Year after year, in study after study, SQL injection is ...
Campus Technology

UrlScan 3.0 Aims To Block SQL Injection Attacks

Microsoft has released an improved security filter for its Internet Information Services (IIS) Web server that is designed to help thwart SQL injection attacks. The free application, called UrlScan ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
Computerworld

SQL injection attacks led to Heartland, Hannaford breaches

This week’s disclosure that the huge data thefts at Heartland Payment Systems and other retailers resulted from SQL injection attacks could finally push retailers to pay serious attention to Web ...