How SQL Injection Attacks Work

Author: Dennis Fisher

August 3, 2012 4:41 pm

SQL injection attacks have been going on for years, and the vulnerabilities and exploitation techniques are well-understood and widely discussed. However, they’re still quite prevalent and are used in a variety of scenarios. One recent example is the attack on a Yahoo site that resulted in a breach of 450,000 usernames and passwords. In this video, Ryan O’Boyle of Veracode discusses the nature of SQL injection attacks and how to defend against them.

SQL injection attacks have been going on for years, and the vulnerabilities and exploitation techniques are well-understood and widely discussed. However, they’re still quite prevalent and are used in a variety of scenarios. One recent example is the attack on a Yahoo site that resulted in a breach of 450,000 usernames and passwords. In this video, Ryan O’Boyle of Veracode discusses the nature of SQL injection attacks and how to defend against them.

Suggested articles

data dump

6 Questions Attackers Ask Before Choosing an Asset to Exploit

David “moose” Wolpoff at Randori explains how hackers pick their targets, and how understanding “hacker logic” can help prioritize defenses.

unpatched urgent/11 cdpwn

Millions of Unpatched IoT, OT Devices Threaten Critical Infrastructure

Industrial, factory and medical gear remain largely unpatched when it comes to the URGENT/11 and CDPwn groups of vulnerabilities.

D-Link Routers at Risk for Remote Takeover from Zero-Day Flaws

Critical vulnerabilities discovered by Digital Defense can allow attackers to gain root access and take over devices running same firmware.