CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
CRN

Thwarting SQL Web Hacks

That is precisely how hackers plugged themselves into the Web sites of Guess Jeans, PetCo, Tiffany's and scores of others. Unfortunately for PetCo, 500,000 customers' credit-card numbers were left ...
Computerworld

Mass SQL injection attack hits Chinese Web sites

Web sites across China and Taiwan are being hit by a mass SQL injection attack that has implanted malware in thousands of Web sites, according to a security company in Taiwan. First detected on May 13 ...
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...