CSO Online

Fortinet hit by another exploited cybersecurity flaw

A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of ...
InfoWorld

DDoS and SQL injection are hot topics on hacking forums

Distributed denial of service and SQL injection are the main types of attack discussed on hacking forums, according to new research from security vendor Imperva. Underground discussion forums are an ...
Dark Reading

Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...
dbta

Addressing SAP’s SQL Injection Attacks and Directory Traversal Vulnerabilities

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...
Computerworld

Hacking victim Bit9 blames SQL injection flaw

Bit9 said a common Web application vulnerability was responsible for allowing hackers to ironically use the security vendor’s systems as a launch pad for attacks on other organizations. Based in ...
Bleeping Computer

Microsoft: Hackers target Azure cloud VMs via breached SQL servers

Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. Microsoft's security researchers report that this lateral movement technique ...
Bleeping Computer

The MOVEit hack and what it taught us about application security

When a cyberattack like the 2023 MOVEit hack makes global news headlines, attention often focuses on the names of the affected organizations, or the number of people impacted. While this spotlight is ...