Dark Reading

Serving Up Malicious PDFs Through SQL Injection

These days SQL injection vulnerabilities may seem like a dime a dozen, but creative penetration testers and attackers continue to come up with new ways to take advantage of this vulnerability class ...
CMS Wire

How They Hack Your Website: Overview of Common Techniques

Digging into how sites and web content management systems are most often hacked, and what you can do to reduce the risk of it happening to you. (Editor's note: This story has been updated.) We hear ...
CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
PC World

Glastopf Web application honeypot gets SQL injection emulation capability

The Honeynet Project, a non-profit organization that develops open-source security research tools, has created a component for the Glastopf Web application honeypot software that can emulate ...