Ars Technica

SQL injection attacks against classic ASP site, what can be done?

We have just taken over a classic ASP site that is getting frequently attacked with SQL injection attacks.<BR><BR>At the moment, we are requesting budget to actually code real fixes on the pages and ...
Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
Dark Reading

Tech Insight: SQL Injection Demystified

Several high-profile hacks over the past year including those at Heartland, Hannaford Bros., and 7-11, all have had one thing in common: they were launched with a SQL injection attack. Cross-site ...
Dark Reading

Finding SQL Injection Attacks In Unexpected Quarters

SQL injection attacks have been plaguing the Web for so long that it may seem as if they've grown ho-hum. But even while the fundamentals stay the same -- namely, malforming application input to trick ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...
Linux Journal

Drupageddon: SQL Injection, Database Abstraction and Hundreds of Thousands of Web Sites

Drupal is a very widely used open-source content management system. It initially was released in 2001, and recent statistics show Drupal as the third-most popular content management system, with just ...