CSOonline

Glastopf Web application honeypot gets SQL injection emulation capability

The Honeynet Project, a non-profit organization that develops open-source security research tools, has created a component for the Glastopf Web application honeypot software that can emulate ...
GIGAZINE

It was pointed out that airport and cockpit security could be breached by SQL injection attacks

The Transportation Security Administration (TSA) has a program called 'KCM (Known Crewmember)' that allows pilots and flight attendants to pass security checks even when they are off. Similarly, there ...
CSOonline

SQL injection, XSS vulnerabilities continue to plague organizations

Errors that allow SQL injection and cross-site scripting attacks are still the top vulnerabilities that pen-testers find, especially at smaller companies. Despite years topping vulnerability lists, ...
Ars Technica

Overcoming rudimentary SQL injection protection

I'm in the process of documenting the many ways in which an application is terrible. One of those ways is that it's vulnerable to SQL injection. It's not completely open, but you can manipulate a few ...
The Verge

Researchers say a bug let them add fake pilots to rosters used for TSA checks

TSA security could be easily bypassed by using a simple SQL injection technique, say security researchers. TSA security could be easily bypassed by using a simple SQL injection technique, say security ...
Bleeping Computer

Hackers steal data of 2 million in SQL injection, XSS attacks

A threat group named 'ResumeLooters' has stolen the personal data of over two million job seekers after compromising 65 legitimate job listing and retail sites using SQL injection and cross-site ...