CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
Computerworld

Beyond stored procedures: Defense-in-depth against SQL injection

SPI Dynamics – A few years ago, mentioning the phrase “SQL injection” to developers would probably get you blank stares. Today, while more developers have heard of SQL injection 1 attacks and know the ...
Computerworld

MySQL website falls victim to SQL injection attack

Oracle’s MySQL.com customer website was apparently compromised over the weekend by a pair of hackers who publicly posted usernames, and in some cases passwords, of the site’s users. Taking credit for ...