Digging into how sites and web content management systems are most often hacked, and what you can do to reduce the risk of it happening to you. (Editor's note: This story has been updated.) We hear ...

These days SQL injection vulnerabilities may seem like a dime a dozen, but creative penetration testers and attackers continue to come up with new ways to take advantage of this vulnerability class ...

Sophos experts have discovered that the website of BusinessWeek, the world famous weekly magazine, has been attacked by hackers in an attempt to infect the readership with malware. Hundreds of pages ...

Mike Chapple is a teaching professor of IT, analytics and operations at the University of Notre Dame. On Dec. 26, 2007, Albert Gonzalez, a 28-year-old resident of Miami, launched an attack against the ...

eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More Last September, Errata Security CEO Robert Graham told us ...

— -- Cybercriminals are spreading invisible infections far and wide across the Internet by hammering hundreds of thousands of websites each day with so-called SQL injection attacks. The trend ...

The Honeynet Project, a non-profit organization that develops open-source security research tools, has created a component for the Glastopf Web application honeypot software that can emulate ...

Microsoft is claiming that an injection attack vulnerability discovered late last week and made public this week related to the popular business database application SQL, is not the company's fault ...

My colleague Paul Baccas from SophosLabs has blogged about a number of webpages on news websites that have been infected by an SQL Injection attack designed to install malware onto users’ computers.

Oracle’s MySQL.com customer website was apparently compromised over the weekend by a pair of hackers who publicly posted usernames, and in some cases passwords, of the site’s users. Taking credit for ...