SQL injection has been a major security risk since the early days of the internet. Find out what's at risk, and how cybersecurity pros can defend their organizations. Few things terrify IT security ...

[The following is excerpted from "Anatomy Of A SQL Injection Attack," a new report posted this week on Dark Reading's Database Security Tech Center.] It started with a vulnerability on a password ...

Mike Chapple is a teaching professor of IT, analytics and operations at the University of Notre Dame. On Dec. 26, 2007, Albert Gonzalez, a 28-year-old resident of Miami, launched an attack against the ...

SQL injection attacks are among the oldest exploits against web applications, dating back more than a decade. Sadly, despite the fact that it is fairly easy to defend against these injection attacks, ...

On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...

UPDATE 6/25: Microsoft has decided to be helpful on the issue of SQL injection attacks. It released a tool today that it says will analyze code to help Web programmers identify problems that leave ...

As one of the longest-lingering burrs in the saddles of database security and application security professionals, SQL injection continues to plague the Web application world for a myriad of reasons.

SQL injection exploits may soon be as common as those targeting Windows and Unix flaws, experts say. An estimated 60% of Web applications that use dynamic content are likely vulnerable, with ...

A perfect example is SQL injection as a lurking issue. When an application is rushed out the door there is a real chance that problems will be introduced that can lead to a data breach. The headlines ...

So, in catching up with blogs after vacation, I went and had a peak at Michael Howard's web log, and was glad to see another post from him. His posts are very insightful (I just wish he would post ...