How SQL Injection Attacks Work

SQL injection attacks have been going on for years, and the vulnerabilities and exploitation techniques are well-understood and widely discussed. However, they’re still quite prevalent and are used in a variety of scenarios. One recent example is the attack on a Yahoo site that resulted in a breach of 450,000 usernames and passwords. In this video, Ryan O’Boyle of Veracode discusses the nature of SQL injection attacks and how to defend against them.

SQL injection attacks have been going on for years, and the vulnerabilities and exploitation techniques are well-understood and widely discussed. However, they’re still quite prevalent and are used in a variety of scenarios. One recent example is the attack on a Yahoo site that resulted in a breach of 450,000 usernames and passwords. In this video, Ryan O’Boyle of Veracode discusses the nature of SQL injection attacks and how to defend against them.

Suggested articles

Discussion

  • Anonymous on

    try ti help to anti virolus protection wd thanks

     

  • Anonymous on

    Just a tip: Also include methods to avoid SQL injections.

  • Mark on

    I also suggest that sensitive database columns are encrypted as another layer of defence so that even if an injection attack is successful an attacker can only read ciphertext.

     

  • Anonymous");Drop Tables *; on

    Dropping tables :P

  • Anonymous on

     

    freaktrickz.wordpress.com/2012/09/27/sql-injection-tutorial-website-hacking/

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.