Security News

2018-05-29 15:52

A recently discovered banking Trojan leverages Microsoft SQL Server for communication with the command and control (C&C), IBM has discovered.

Brazilian Banking Trojan Communicates Via Microsoft SQL Server
2018-05-29 14:47

Researchers have discovered a banking trojan making waves in Brazil with an array of tricks up its sleeve, including using an unusual command and control (C&C) server.

Hackers sentenced for SQL injections that cost $300 million
2018-02-19 12:29

It wasn't *only* SQL injection, but it shows how far you can go if a company exposes its soft and fleshy parts to the internet.

XSS, SQL Injection Flaws Patched in Joomla
2018-02-07 15:03

One SQL injection and three cross-site scripting (XSS) vulnerabilities have been patched with the release of Joomla 3.8.4 last week. The latest version of the open-source content management system...

WordPress Delivers Second Patch For SQL Injection Bug
2017-11-01 18:35

A bug exploitable in WordPress 4.8.2 and earlier creates unexpected and unsafe conditions ripe for a SQL-injection attack.

Serious SQL Injection Flaw Patched in WordPress
2017-11-01 09:00

A serious SQL injection vulnerability was patched on Tuesday by WordPress developers with the release of version 4.8.3.

Vendor BPC Banking Silent on Patching SQL Injection in SmartVista Ecommerce Software
2017-10-11 18:23

A popular ecommerce platform sold in 60 countries suffers from a SQL injection vulnerability privately disclosed in April that has yet to be patched by the vendor.

Telegram-based Katyusha SQL injection scanner sold on hacker forums (Help Net Security)
2017-07-12 20:51

Despite regularly achieving one of the top spots on the OWASP Top 10 list of the most critical web application security risks, injection vulnerabilities continue to plague database-driven web...

Katyusha Scanner — Telegram-based Fully Automated SQL Injection Tool (The Hacker News)
2017-07-12 02:23

A new powerful hacking tool recently introduced in an underground forum is making rounds these days, allowing anyone to rapidly conduct website scans for SQL injection flaws on a massive scale —...

Telegram-Controlled Hacking Tool Targets SQL Injection at Scale (Threatpost)
2017-07-11 20:55

The Katyusha Scanner can find SQL injection bugs at scale, and is managed via the Telegram messenger on any smartphone.