CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
Linux Journal

Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites

Drupal is a very widely used open-source content management system. It initially was released in 2001, and recent statistics show Drupal as the third-most popular content management system, with just ...
Dark Reading

Transforming SQL Queries Bypasses WAF Security

BLACK HAT ASIA 2022 — A team of university researchers used basic machine learning to identify patterns that common Web application firewalls (WAFs) fail to detect as malicious, but which can still ...
Infosecurity-magazine.com

SQL Injection and Cross-site Scripting Attacks Surge in Q3

Worryingly, integrated attacks on these applications are becoming more prevalent and automated as well, meaning that businesses should brace for a surge of new activity. Over the third quarter of 2013 ...
CRN

Review: Ajax's Hidden Security Threat and How To Fix It

The danger to IT organizations is that Ajax technology is being perceived as a direct pipeline into corporate data. That's pushing developers to inadvertently expose more data and server logic than ...
Forbes

Browser-Based SaaS: The New Face Of Shadow IT

As more applications migrate to the web, businesses are becoming increasingly reliant on the browser. While a browser-first approach offers various benefits, it also introduces additional risks. The ...
dbta

Redgate Software Releases an Enhanced Version of its SQL Monitoring Tool

Redgate Software is launching a new version of its SQL Server monitoring tool to enable accelerated analysis of SQL Server problems. The platform, SQL Monitor, is a web based SQL Server alerting and ...