Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support ...

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open ...

Microsoft has added automated backup and patching for SQL Server databases running in virtual machines on its Azure cloud, in a bid to simplify management and improve reliability.

Cross-site scripting (XSS) and SQL injection activity is up 32% in the third quarter, as those with malicious intent look to specifically target web-facing and cloud applications carrying sensitive ...

Security researchers have found a vulnerability in a key air transport security system that allowed unauthorized individuals to potentially bypass airport security screenings and gain access to ...