Kick Spy!, Kick Zeitgeist and Kick Widgets
blogs.msdn.com — Having a chat about SQL Injection on Friday July 18th. read more...
codersbarn.com — Apparently the saga continues; although I don't have exact figures, there was another rise in attacks in May. Suffice to say that Microsoft saw fit to release a security advisory (954462) on Tuesday, 06-24-2008. read more...
communities.hp.com — Microsoft worked with the HP Web Security Research group to release the Scrawlr tool. The tool will crawl a website, simultaneously analyzing the parameters of each individual web page for SQL Injection vulnerabilities. This will allow an IT/DB admin to easily find vulnerabilities similar to the ones that have been used to compromise sites in recent attacks. No source code is required to run this tool. From a starting URL, the tool recursively crawls that URL in order to build up a site tree that will be then analyzed for SQL injection vulnerabilities. read more...
dotnethitman.spaces.live.com — SQL injection can occur when an application uses input to construct dynamic SQL statements or when it uses stored procedures to connect to the database. Conventional security measures, such as the use of SSL and IPSec, do not protect your application from SQL injection attacks. Successful SQL injection attacks enable malicious users to execute commands in an application's database. You should always be reviewing your code to find these or other security vulnerabilities; remember all type of attacks start with some input, and your first line of defense should be input validation using both client-side and server-side validation. read more...
weblogs.asp.net — Scott Guthrie discusses what SQL Injection is and how to prevent it in your applications. read more...
wwwcoder.com — Keep your code secure against intruders. In this article we provide examples of SQL injection attacks and how you can write code to prevent them. Stop people from getting information from your database. read more...
Sponsored Link: www.carlist.ie
Ads via The Lounge