Get a Pentest and security assessment of your IT network.

News

How to Own a Database With SQL Injection

A seemingly infinite number of sub-methods or variations of SQL Injection attacks can be carried out against the database. The most common technique is exploiting a lack of user input filtering on web pages or application user interface elements. When executed through a web front end, these attacks will not necessarily be caught by firewalls. These attacks are hidden as part of the regular POST data when submitting a web form. A good database activity monitoring solution (DAM) is able to identify these attacks by looking at the actual SQL code submitted or executed on the database back end.

Source: https://threatpost.com/how-own-database-sql-injection-070710/74182/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

1 day attack with DDoS booter costs $60 causing $720k in damageSecurity Affairs

News

NSA-linked Cisco exploit poses bigger threat than previously thought