Ars Technica

Newly detected SQL injection attack snags Apple in wide net

A new series of mass SQL injection attacks has planted links to malware sites and hidden iframes in over a million webpages, including parts of Apple’s website. The technique is similar to a standard ...
Threat Post

How to Own a Database With SQL Injection

SQL injection is the most common penetration technique employed by hackers to steal valuable information from corporate databases. Yet, as widespread as this method of attack is, a seemingly infinite ...
CSOonline

Databases Assaulted by SQL Injection Attacks

Hackers are striking databases in record numbers, trying to pilfer a rich trove of personal and financial data, a security vendor said Wednesday. SecureWorks, based in Atlanta, is detecting up to ...
Threat Post

PayPal Addresses Months-Old SQL Injection Vulnerability, Frozen Accounts

Researchers with Vulnerability Lab today announced mega payment processor PayPal has fixed a flaw on its site that allowed a remote user or a local user with low privileges to compromise a Web ...
Ars Technica

Week in Apple: kickbacks, SQL attacks, and Facebook

It was a quiet week in Apple news, but the company still got snagged in some SQL injection attacks, a former manager was charged with taking kickbacks, and Facebook added check-ins to its iPhone app.
InfoWorld

Emergency vBulletin patch fixes dangerous SQL injection vulnerability

Developers of the popular vBulletin Internet forum software have issued emergency patches Wednesday in order to fix a SQL injection vulnerability that could allow attackers to read and manipulate ...