CSOonline

JSON-based SQL injection attacks trigger need to update web application firewalls

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for ...
Dark Reading

Report: More Than 500,000 Websites Hit By New Form Of SQL Injection In '08

A new flavor of an old-school Web attack was responsible for compromising more than 500,000 Websites last year. An automated form of SQL injection using botnets emerged as the popular method of ...