Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Monday, 6 February, 2023
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

A quarter of attacks target SQL Injection flaws

by The Gurus
May 15, 2014
in Editor's News
Share on FacebookShare on Twitter

Of 300,000 attack campaigns that have occurred globally over the past 30 days, around a quarter were targeting SQL Injection flaws.
 
According to Imperva, 24.6 per cent% of all attacks were SQLi attack focused. Barry Shteiman, director of security strategy at Imperva, said that SQL Injection is far from a problem of the past, it is still easy to exploit and an often used attack vector to steal information, and often does not require advanced technical skills to perform.
 
“In fact, SQLi is so effective that advanced attackers are building automated attack botnets using SQLi automation tools to either break into or onboard new zombies to their botnet,” he said. “We know that SQLi isn’t going anywhere anytime soon, and web application attacks are a real threat that can cost upwards of $200,000 to manage. Education and deploying the necessary mitigation tactics to prevent an attack should be top of mind for everyone.”
 
The recent NTT 2014 GTIR report revealed that the cost for a “minor” SQL injection attack exceeded $196,000, while an article published by Arstechnica revealed that the US Navy’s “Smart Web Move” databasewas accessed by exploiting an SQL Injection flaw.
 
Rob Sobers, director at Varonis, said that the tools are out there to detect SQL injection, but said that it is really up to businesses to take the initiative to discover and fix their SQL injection vulnerabilities.
 
Stephen Coty, chief security evangelist at Alert Logic, said: “SQL Injection has been around for decades and will continue to be as long as there are vulnerable websites and malicious actors willing to exploit them.
 
“SQLi is effective because people do not have a proper software development lifecycle with security injected into it. Proper coding practices and proactive scanning of developed code is how you are able to protect yourself from SQL injection.”

FacebookTweetLinkedIn
Tags: FlawhackingSQL InjectionVulnerability
ShareTweetShare
Previous Post

SANS Institute's Eric Cole on mentoring

Next Post

US retailers to establish intelligence sharing centre

Recent News

london-skyline-canary-wharf

Ransomware attack halts London trading

February 3, 2023
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk

February 2, 2023
JD Sports admits data breach

JD Sports admits data breach

January 31, 2023
Acronis seals cyber protection partnership with Fulham FC

Acronis seals cyber protection partnership with Fulham FC

January 30, 2023

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Events
    • Most Inspiring Women in Cyber 2022
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2019 IT Security Guru - Website Managed by Calm Logic

This site uses functional cookies and external scripts to improve your experience.

Privacy settings

Privacy Settings / PENDING

This site uses functional cookies and external scripts to improve your experience. Which cookies and scripts are used and how they impact your visit is specified on the left. You may change your settings at any time. Your choices will not impact your visit.

NOTE: These settings will only apply to the browser and device you are currently using.

GDPR Compliance

Powered by Cookie Information