Home Tags SQL Injection

Tag: SQL Injection

Million-Plus WordPress Sites Exposed by Vulnerable Plugin

The popular NextGEN Gallery WordPress plugin was recently patched to address a “severe” SQL injection vulnerability that put website databases at risk.

Researchers find “severe” flaw in WordPress plugin with 1 million installs

More than 1 million websites running the WordPress content management system may be vulnerable to hacks that allow visitors to snatch password data and...

Russian-Speaking Rasputin Breaches Dozens Of Organizations

Attacker behind Election Assistance Commission hack now using SQL injection as his weapon of choice against universities and government agencies.

Rasputin whips out large intimidating tool, penetrates uni, city, govt databases...

Ra, Ra Rasputin.SQL injection is his thing A Russian-speaking miscreant dubbed "Rasputin," who potentially hacked into the US Election Assistance Commission and sold access...

How to predict the next major hack

I think we can all agree that Yahoo has really had an off decade (or so). Most recently, reports revealed that, basically, Yahoo's security...

WordPress patches dangerous XSS, SQL injection bugs

The security release fixes three flaws in the content management system.

WordPress slips out three quick patches

Cross-site scripting, cross-site request forgery shuttered WordPress has fixed three flaws in its content management system, shuttering cross-site scripting and SQL injection bugs three...

WordPress 4.7.2 Update Fixes XSS, SQL Injection Bugs

WordPress fixed three security issues, including a XSS and SQL injection, with WordPress 4.7.2 this week.

GitHub Bug Bounty Program Continues to Pay Rewards

GitHub celebrates the third anniversary of its Bug Bounty program, with bonus rewards for security disclosures, as the program continues to help the popular...

Deceive in order to detect

Interactivity is a security system feature that implies interaction with the attacker and their tools as well as an impact on the attack scenario...

Threat Attribution: Misunderstood & Abused

Despite its many pitfalls, threat attribution remains an important part of any incident response plan. Here's why. Threat attribution is the process of identifying actors...

Trump’s cyber-guru Giuliani runs ancient ‘easily hackable website’

Stunned security experts tear strips off president-elect pick hours after announcementUS president-elect Donald Trump's freshly minted cyber-tsar Rudy Giuliani runs a website with a...