SQL injection Archives - Help Net Security

SQL injection

Surging CMS attacks keep SQL injections on the radar during the next normal

September 2, 2020

Every year, millions of websites across the world fall victim to malware attacks that are designed to gain access to the site’s backend without the administrator’s knowledge …

Evasive malware increasing, evading signature-based antivirus solutions

March 26, 2020

Evasive malware has grown to record high levels, with over two-thirds of malware detected by WatchGuard in Q4 2019 evading signature-based antivirus solutions. This is a …

WordPress and Apache Struts weaponized vulnerabilities on the rise

March 17, 2020

Vulnerabilities in leading web and application frameworks, if exploited, can have devastating effects like the Equifax breach which affected 147 million people, according to …

Most credential abuse attacks against the financial sector targeted APIs

February 20, 2020

From May 2019 and continuing on until the end of the year, there was a dramatic shift by criminals who started targeting APIs, in an effort to bypass security controls. …

Cyber risk increases at all layers of the corporate network

November 21, 2019

Organizations will face a growing risk from their cloud and the supply chain, according to Trend Micro. Cyber risk increases at all levels The growing popularity of cloud and …

Researchers uncover 125 vulnerabilities across 13 routers and NAS devices

September 17, 2019

In a cybersecurity study of network attached storage (NAS) systems and routers, Independent Security Evaluators (ISE) found 125 vulnerabilities in 13 IoT devices, reaffirming …

Data from 316 million real-world attacks in AWS and Azure environments

August 23, 2018

In evaluating 316 million incidents, tCell found it clear that attacks against the application are growing in volume and sophistication, and as such, continue to be a major …

Same web-based vulnerabilities still prevalent after nine years

July 27, 2018

Analysis of vulnerabilities discovered by NCC Group researchers over the last nine years found that instances of common web-based vulnerabilities have largely refused to fall …

WordPress site admins: Update immediately!

November 2, 2017

If you’re running your website on WordPress and you haven’t yet upgraded to version 4.8.3, you should do so without delay. The advice comes from the WordPress …

Unpatched SQLi vulnerability in SmartVista e-commerce suite

October 12, 2017

Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, are urged to put limit access to its …

Telegram-based Katyusha SQL injection scanner sold on hacker forums

July 12, 2017

Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague …

Joomla users: Update immediately to kill severe SQLi vulnerability

May 18, 2017

Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found. As explained by researcher …