News (25)

Researchers offer tool for breaking into Oracle databases

During their presentation at the Black Hat and Defcon hacker conferences next week in Las Vegas, security experts will release a tool that can be used to break into Oracle databases. Read more »

Chrome security in limelight with Google OS plan

The techniques Google uses to protect Chrome users from browser-based attacks have taken on new importance with the company's plan to make the software the centerpiece of a Netbook operating system. Read more »

HP offers developers free Flash-app security tool

HP is set to announce a free tool that developers can use to check for holes in the Flash applications they write, which can lead to data leaks and other security problems on websites. Read more »

Microsoft patches four critical IE, Exchange holes

Microsoft on Tuesday released security updates that fix four critical vulnerabilities in Internet Explorer and Exchange Server that could allow an attacker to take control of an affected computer remotely. Read more »

Kaspersky denies leaks after SQL hack

Russian antivirus vendor Kaspersky Labs' US website was hacked over the weekend exposing the company's customer database, but Kaspersky has denied data was compromised and says the vulnerability wasn't critical. Read more »

Half of security vulnerabilities going unpatched

More than half of the security vulnerabilities disclosed during 2008 had no patches available from the vendor by the end of the year, according to a report released on Monday by IBM's X-Force research group. Read more »

Zero-day exploit endangers all IE versions

An unpatched security hole in Internet Explorer that is being exploited affects all versions of the browser, making it more serious than originally believed when it was first publicised, Microsoft says. Read more »

BusinessWeek site hacked

Hackers have broken into BusinessWeek's online site and set up an attack scenario in which visitors to a section of the site could have their own computers compromised and their data stolen, a security researcher said on Monday in the US. Read more »

IBM chides security researchers

Technology giant IBM has taken independent security researchers to task for their role in making information about unpublished computer attacks available in an undisciplined manner. Read more »

Google's Blogger number one for malware

Search giant Google has catapulted itself to the top in the ranks of web hosts with the most malware, courtesy of its blogging website Blogger, according to security vendor Sophos. Read more »

More Sql Injection News Results

Features (10)

OutSystems' Agile Platform: The IDE of my dreams

Get in-depth details about OutSystems' Agile Platform, including information about deployment, security, data binding, project management, and more. Read more »

Firewall MySQL with GreenSQL

GreenSQL is a "firewall" for MySQL databases that could help protect your database from SQL injection vulnerabilities. Read more »

Security in the Web 2.0 Era

At the Gartner Symposium ITxpo 2008 in Sydney this week, Andrew Walls, the research director and security analyst at Gartner presented "Security in the Age of E-Commerce and Web 2.0". Read more »

What is cross-site scripting?

Cross-site scripting, also known as "XSS," is a class of security exploit that has gotten a fair bit of attention in the last few years. This article explains what it is and where the dangers lie. Read more »

Ruby on Rails Explained

There are plenty of frameworks around but Ruby on Rails is a new breed, focused on productivity not language. Simon Jackson explains what makes it different. Read more »

Is LINQ the future of database development?

The LINQ (.NET Language Integrated Query) Project is a Microsoft initiative to standardise data access across not only data sources but also development. Will it revolutionise database development? Read more »

Supersize me-- Access to SQL

Access developers who have ambitions to upsize to SQL Server face several problems. The problem that's the most difficult to surmount is dynamic SQL. Read more »

Simplify .NET SQL queries with the DAAB

Microsoft's Data Access Application Block (DAAB) makes connecting .NET applications to SQL databases easier--if you know how to use it. Read more »

Deleting data from an ASP.NET DataGrid

Deleting data from the DataGrid takes some work. Find out how to create a delete button for the DataGrid and how to build a pop-up delete confirmation. Read more »

Tutorial: JavaScript and regular expressions

If you've worked with regular expressions in Perl, you know that they can simplify search and replace tasks. Using them in JavaScript is just as easy. Read more »

Blog (5)

Hack attack week

Staff [blogs:syslog] -- It wasn't a good week to be an Alaskan vice-presidential candidate, an online publication or even a multinational science project -- as all were compromised by hackers this week. Read more »

The 2008 Trends and Threats to Internet security

Lana Kovacevic [blogs:webanatomy] -- I recently came across the IBM Internet Security Systems X-Force 2008 Mid-Year Trend Statistics report, which outlines issues affecting internet security, including application vulnerabilities, phishing, malware and spam. Read more »

2008 -- where 2006 exploits still rule

Staff [blogs:syslog] -- So the question is: who is running their SQL servers on systems unpatched since 2006 and/or not installing service packs? The answer is clearly enough people to warrant continued exploitation. Read more »

Attack Modeling vs Threat Modeling

[blogs:] -- Traditional Threat Modeling from an adversarial approach is actually Attack Modeling. So what is Threat Modeling then and how does it differ from Attack Modeling? Read more »

New Dev Security Training Modules

[blogs:] -- The Patterns and Practices team at Microsoft has posted some secure development training modules from Keith Brown. Read more »

Log in


Sign up | Forgot your password?

Blogs

RSS feed

  • Staff Microsoft shows off IE9 preview

    This week, highlights from Microsoft's MIX10 conference and more in the Roundup. Read more »

    -- posted by Staff

  • Chris Duckett IE9's H.264 vote killed Ogg

    In a split decision by the judges, the winner of the W3C/WHATWG video codec consensus is H.264, taking home the future of video playback on the internet while loser Ogg goes home with nothing but thoughts of what might have been. Read more »

    -- posted by Chris Duckett

  • Staff Google launches Apps Marketplace

    Google launches and app store, while Mozilla plans to re-write its open-source license. More of this week's news in the Roundup. Read more »

    -- posted by Staff

What's on?

  • Optus Deal

    Broadband + home phone + PlayStation®3 in a single package price!