SQL injection Archives - Help Net Security

Don't miss:

Cisco plugs WPA2 holes, critical Cloud Services Platform flaw

Business suffers as over-zealous security tools block legitimate work

Millions download botnet-building malware from Google Play

open

Unpatched SQLi vulnerability in SmartVista e-commerce suite

Companies using SmartVista, the popular e-commerce/payment management product suite developed by Swiss company BPC Banking Technologies, are urged to put limit access to its …

Katyusha

Telegram-based Katyusha SQL injection scanner sold on hacker forums

July 12, 2017
cybercrime
hacking
MySQL

Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague …

Joomla

Joomla users: Update immediately to kill severe SQLi vulnerability

May 18, 2017
CMS
exploit
joomla

Version 3.7 of Joomla, pushed out less than a month ago, opens websites to SQL injection attacks, Sucury Security researchers have found. As explained by researcher …

Report: The changing face of hacking

Hacker breached 60+ unis, govt agencies via SQL injection

A hacker tied to the November 2016 penetration of the US Election Assistance Commission and subsequent database sale has successfully targeted 60+ government agencies and …

Epic Games

Epic Games forums hacked again, over 800,000 users affected

Some of the online forums maintained by Epic Games, the video game development company behing the Unreal Engine technology and games based on it, have been hacked and their …

Ubuntu

Ubuntu Forums hacked again, 2 million users exposed

Canonical’s Ubuntu Forums have been hacked, and the attacker has managed to access and download part of the Forums database, containing usernames, email addresses and …

lock

Strengthen security during production and development

Applications have become the heart of many businesses, with millions of dollars allocated to their development and millions of dollars in revenue associated with their …

Report: The changing face of hacking

Phineas Fisher records, publishes latest attack

Phineas Fisher, the hacker behing the Gamma International and Hacking Team breaches and data leaks, is at it again. This time his target was Sindicat de Mossos …

point

Researcher demonstrates website’s lax security, gets arrested

David Levin, CTO of pentesting company Vanguard Cybersecurity, has made a critical mistake while testing the security of the Lee County (Florida) elections website: he …

Broken glass

E-commerce web apps vulnerable to hijacking, database compromise

High-Tech Bridge researchers have published details and PoC exploit code for several serious vulnerabilities in Osclass, osCmax, and osCommerce, three popular open source …