SQL Injection News, Articles and Updates

OpenText Document Sciences full of holes - multiple vulnerabilities found

SQL injections and cross-site scripting vulnerabilities are among the flaws found in OpenText Document Sciences xPression.

ICYMI: EMC 'bugs', LeakerLocker, biometric rise, SpyDealer, good Lord!

In case you missed it: Researchers claim bugs in EMC, LeakerLocker outwitting mobile app stores, biometrics will rise up, SpyDealer stealing data from Facebook etc and the House of Lords will release report on post-Brexit GDPR.

EMC products hit by multiple vulnerabilities including SQL injection

Multiple SQL injection flaws in EMC products could allow hackers to gain web access and take information from applications.

Data breach authority Verizon Enterprise breached; 1.5 million customers impacted

Known for its highly respected Data Breach Investigations Report, Verizon Enterprise Solutions has suffered its own data breach, after a cyber-criminal was discovered selling information linked to 1.5 million of its customers.

I hacked Citrix, says Russian hacker w0rm

Citrix, a provider of virtualisation, cloud computing and remote assistance software and services to thousands of organisations worldwide, has reportedly been breached which, if true, would lay bare millions of customer endpoints.

Up to 100K Archos customers compromised by SQL injection attack

French smartphone maker Archos was compromised by a SQL injection attack last Christmas, resulting in the leak of up to 100,000 customer details. But fortunately, passwords and credit card details were not stolen.

ICYMI: Drupal flaw, Android Lollipop and security shortcomings

This week's In Case You Missed Column looks at websites at risk from Drupal's SQL injection flaw, security features on Android and information security shortcomings in business.

UK's Racing Post leaks 677,000 customer names and passwords

SQL injection to blame for Racing Post incursion

WSJ the latest publisher to be hit by 'w0rm' hacker

The Wall Street Journal has become the latest US media organisation to be hacked, just days after similar attacks against Vice Media and Metro US.

Steady rise in complex web attacks in 2013

The actions of just a few gangs can signal a big shift in the industry as a whole - and strangely - the Target breach may have reduced activity by some players.

Use of cross-site scripting attacks massively increased at end of 2012

Cross-site scripting (XSS) and SQL injection attacks remain the most prominent cyber attack method.

Hackers expose list of Navy email logins

Hackers claiming to be affiliated with Anonymous have exposed a list of Navy email logins after breaking into Queen's Harbour Masters websites.