Black Hat is over, but SQL injection attacks persist

Last month, Yahoo found itself so overly distracted with kicking out and hiring yet another CEO that it fell prey to an old school SQL injection attack. Security gurus reacted with scorn and dismay at Yahoo’s allowing 400,000 user names and passwords to be carried out the door then displayed on someone’s front lawn for all the world to see, like a yard sale with no buyers.

How could the company not be using a damp towel to wipe the egg from its face? It had fallen prey to a hacker trick so well documented that any online search for the phrase “prevent SQL injection” will cough up 600,000 results.

We can excuse Yahoo for not being the only household brand victim, thanks to SQL attacks on Sony, LinkedIn, even Lady Gaga and another 115 million web applications, according to data protection vendor Imperva.

Full article published in


Leave a comment

Filed under cloud, security

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s