In late 1998, when I was just beginning my career in technology, I read in the venerable Phrack magazine how poor input sanitization allowed rain.forest.puppy (the pseudonym used by Jeff Forristal) to ...

Microsoft has released an improved security filter for its Internet Information Services (IIS) Web server that is designed to help thwart SQL injection attacks. The free application, called UrlScan ...

Anytime a value is placed on something, one has to note that at some point in time others may want it. Not only will someone want it, but someone might use covert methods to obtain it. This of course ...

Today's exponential increase in attack volume and complexity can largely be chalked up to the cybercriminal's creed of working smarter, not harder. It isn't so much l33t hackers toiling at code for ...

An exploit that takes advantage of database query software that does not thoroughly test the query statement for correctness. Along with cross-site scripting (see XSS), SQL injection is used to break ...

SQL injection attacks have been around for a long time, and they remain a major security risk. This ebook explains where the dangers lie and what you can do to protect your organization from these ...

Typical speed camera traps have built-in OCR software that is used to recognize license plates. A clever hacker decided to see if he could defeat the system by using SQL Injection… The basic premise ...

We now live in a data-driven world, where information is the core of business systems. Just last year, analyst firm IDC predicted that we would consume 1.8 zettabytes of information each year, and the ...

Workplace security staffs must act fast to iron out kinks in their application code if they want to be fortified against infiltration -- hundreds of thousands of them hammer at those vulnerabilities ...

SQL is a convenient way to manage and query your data, but badly written queries can tie up your database. Here are seven common SQL traps and how to avoid them. Database developers have it tough.