Tag Archives: SQL Injection

The “Patch and Pray” Approach to Cybersecurity

– On the front page of The New York Times of August 6, 2014, Nicole Perlroth and David Gelles published an article “Russian Hackers Steal Passwords of Billion Users: Data Still Vulnerable – 420,000 Sites, Big and Small, Were Targets, Firm Says.” Usually I wait a week to two or even a month or…

2008 – The Year of the SQL Injection Attack

– For a long time now SQL Injection has been regarded as a potentially devastating attack vector. Attackers used SQL Injection to steal 40 million credit card numbers from Cardsystems in 2005. The rise in SQL Injection attacks has been rapid and has made this attack the one the hackers all want to…