SQL injection
Strengthen security during production and development
Applications have become the heart of many businesses, with millions of dollars allocated to their development and millions of dollars in revenue associated with their …
Phineas Fisher records, publishes latest attack
Phineas Fisher, the hacker behing the Gamma International and Hacking Team breaches and data leaks, is at it again. This time his target was Sindicat de Mossos …
Researcher demonstrates website’s lax security, gets arrested
David Levin, CTO of pentesting company Vanguard Cybersecurity, has made a critical mistake while testing the security of the Lee County (Florida) elections website: he …
E-commerce web apps vulnerable to hijacking, database compromise
High-Tech Bridge researchers have published details and PoC exploit code for several serious vulnerabilities in Osclass, osCmax, and osCommerce, three popular open source …
Attackers use SQL injection to manipulate search engine rankings
Akamai has identified a sophisticated SEO campaign that uses SQL injection to attack targeted websites. Affected websites will distribute hidden HTML links that confuse search …
XSS, SQLi bugs found in several Network Management Systems
Network Management System (NMS) offerings by Spiceworks, Ipswitch, Opsview and Castle Rock Computing have been found sporting several cross-site scripting and SQL injection …