SQL injection has been a major security risk since the early days of the internet. Find out what's at risk, and how cybersecurity pros can defend their organizations. Few things terrify IT security ...

[The following is excerpted from "Anatomy Of A SQL Injection Attack," a new report posted this week on Dark Reading's Database Security Tech Center.] It started with a vulnerability on a password ...

SQL injection attacks are among the oldest exploits against web applications, dating back more than a decade. Sadly, despite the fact that it is fairly easy to defend against these injection attacks, ...

On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...

As one of the longest-lingering burrs in the saddles of database security and application security professionals, SQL injection continues to plague the Web application world for a myriad of reasons.

So, in catching up with blogs after vacation, I went and had a peak at Michael Howard's web log, and was glad to see another post from him. His posts are very insightful (I just wish he would post ...

The U.K. Information Commissioner's Office has issued a warning to businesses to eliminate SQL injection vulnerabilities from their websites, after fining a hotel booking site for failing to properly ...

The security community is divided about the recent arrest of a security researcher who hacked into the website for the elections division of a county in Florida. The question is whether he deserved to ...

UPDATE 6/25: Microsoft has decided to be helpful on the issue of SQL injection attacks. It released a tool today that it says will analyze code to help Web programmers identify problems that leave ...

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...