Dark Reading

New 'GambleForce' Threat Actor Behind String of SQL Injection Attacks

Researchers have spotted a new threat actor targeting organizations in the Asia-Pacific region with SQL injection attacks using nothing more than publicly available, open source penetration-testing ...
Dark Reading

10 Reasons SQL Injection Still Works

After all of these years, SQL injection vulnerabilities still stand as an old reliable for attackers seeking to break into corporate databases. "SQL injection is still out there for one simple reason: ...
CMS Wire

How They Hack Your Website: Overview of Common Techniques

Digging into how sites and web content management systems are most often hacked, and what you can do to reduce the risk of it happening to you. (Editor's note: This story has been updated.) We hear ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...