sql injection
24 ResultsDictionary
SQL injection
An exploit that takes advantage of database query software that does not thoroughly test the query statement for correctness. Along with cross-site scripting (see XSS), SQL injection is used by...
Dictionary
Definition: SQL injection
An exploit that takes advantage of database query software that does not thoroughly test the query statement for correctness. Along with cross-site scripting (see XSS), SQL injection is used by worms to break into Web sites and extract data or embed malicious code.
THIS DEFINITION IS FOR PERSONAL USE ONLY
All other reproduction is strictly prohibited without permission from the publisher.
© 1981-2010 The Computer Language Company Inc. All rights reserved.
Sponsored White Papers, Webcasts & Resources
-
Introducing the New VMware Management Solution Portfolio
Check out this webcast to learn more about the New VMware Management Solution Portfolio.
-
Over a million web sites affected in mass SQL injection attack
Security researchers from Armorize have intercepted a mass SQL injection attack, targeting ASP ASP.NET websites.
-
Mass SQL injection attack leads to scareware
Security researchers from WebSense have detected a mass SQL injection attack, which the cybercriminals monetize through scareware, also known as fake security software.
-
The Pirate Bay hacked through multiple SQL injections
By using multiple SQL injections, Argentinian group of security researchers managed to obtain access to the Pirate Bay's administration panel, leading to the exposure of sensitive data belonging...
-
Reports: SQL injection attacks and malware led to most data breaches
With millions of personal records and payment card information stolen on a regular basis, several recently released reports independently confirm the main sources of breaches. Not surprisingly,...
-
phpMyAdmin Plugs SQL Injection, XSS Flaws
A new version of phpMyAdmin has been released to plug two serious security holes that could lead to SQL injection and cross-site scripting attacks.
-
-
Gonzales just tip of iceberg in Heartland attack
Albert Gonzales, previously accused of breaking into TJX's computer systems, was indicted on charges that a separate group he was involved in breached Heartland Payment Systems. Also indicted...
-
International Kaspersky sites susceptible to SQL injection attacks
According to a security group going under the name of TeamElite, the international sites of Kaspersky Iran (kasperskylabs.ir), Taiwan (web.kaspersky.com.tw) and South Korea (kasperskymall.co.kr)...
-
Thousands of legitimate sites SQL injected to serve IE exploit
Once again confirming the trend of having more legitimate sites serving exploits and malware than purely malicious ones, Chinese hackers have been keeping themselves busy during the last couple of...
-
Black market for zero day vulnerabilities still thriving
One would assume that popular sources for zero day vulnerabilities+Poc's such as Full-Disclosure, Bugtraq or Milw0rm are the primary sources for obtaining responsibly or irresponsibly released...
-
Google to introduce warnings for potentially hackable sites
Last week, Google's Patrick Chapman and Matt Cutts announced that they're experimenting with a new security feature aiming to alert webmasters on the potential for having their sites hacked due to...
-
Adobe's Serious Magic site SQL Injected by Asprox botnet
According to SophosLabs Adobe's owned seriousmagic.com has been automatically SQL injected by the Asprox botnet, becoming the very latest high profile legitimate web sites injected with links to...
-
Kaspersky's Malaysian site hacked by Turkish hacker
According to Zone-h.org, Kaspersky's Malaysian site has been defaced by a Turkish hacker during the weekend, through a SQL injection, leaving the following message - "hacked by m0sted And Amen...
-
Sony PlayStation's site SQL injected, redirecting to rogue security software
The latest high trafficked web site to fall victim into the continuing waves of massive SQL injection attacks courtesy of copycats and the ASProx botnet, is Sony's PlayStation U.S site according...
-
Microsoft ships free code auditing tools to thwart SQL injection attacks
On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this...
-
Phoenix Mars Lander's mission site hacked
With the world's eyes on the latest multimedia streaming straight from Mars, during the weekend the Phoenix Mars Mission's site got hit twice, first by an Ukrainian web site defacer who posted a...
-
Michael Howard on SQL Injection and my concerns on the most recent attacks
So, in catching up with blogs after vacation, I went and had a peak at Michael Howard's web log, and was glad to see another post from him. His posts are very insightful (I just wish he would...
-
Google introducing Safe Browsing diagnostic to help owners of compromised sites
Last week, Google's Niels Provos made an announcement regarding a newly introduced feature aiming to help owners of compromised sites in understanding the implications of the compromise, as well...
-
Over 1.5 million pages affected by the recent SQL injection attacks
In an attempt to mitigate the impact of the recent waves of SQL injection attacks, and provide more transparency into the approximate number of affected pages, the Shadowserver Foundation is...
-
Pro-Serbian hacktivists attacking Albanian web sites
The rise of pro-Kosovo web site defacement groups was marked in April, 2008, with a massive web site defacement spreading pro-Kosovo propaganda. The ongoing monitoring of pro-Kosovo hacking groups...
-
Fast-Fluxing SQL injection attacks executed from the Asprox botnet
The botnet masters behind the Asprox botnet have recently started SQL injecting fast-fluxed malicious domains in order to enjoy a decent tactical advantage in an attempt to increase the...
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
Vendor Showcase
Facebook Activity
