An important aspect of database security is designing your applications to avoid SQL injection attacks. SQL injection is a form of web hacking whereby SQL statements are specified in the fields of a ...

On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...

For more than a decade, injection vulnerabilities have literally topped the charts of critically dangerous software flaws, deemed more serious than all other types of vulnerabilities in the 2010, 2013 ...

SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity ...

The Katyusha Scanner can find SQL injection bugs at scale, and is managed via the Telegram messenger on any smartphone. A black market hacking tool has the potential to rapidly conduct website scans ...

Many web-facing enterprise applications have databases sitting behind them. For many of those, the application itself is little more than a snazzy user interface sitting on top of a database. And in ...

Respondents taking part in a new study from the Ponemon Institute say they've had their eyes opened to the realities of SQL Injection, and the impact it has on their organization. On Wednesday, the ...

Digging into how sites and web content management systems are most often hacked, and what you can do to reduce the risk of it happening to you. (Editor's note: This story has been updated.) We hear ...

Daniel Cid, a developer of a cloud-based firewall/proxy system, was surprised to discover that his product was blocking requests from Google-owned IP addresses. This was unusual, because few websites ...

With millions of personal records and payment card information stolen on a regular basis, several recently released reports independently confirm some of the main sources of breaches. Not surprisingly ...