A new flavor of an old-school Web attack was responsible for compromising more than 500,000 Websites last year. An automated form of SQL injection using botnets emerged as the popular method of ...

A hacker reportedly exploited a SQL injection vulnerability on the Website of Britain’s Royal Navy, according to media reports. The incident took place Nov. 5, when a hacker known by the alias TinKode ...

An automated SQL injection attack has caused as many as 70,000 Websites to steer users toward malicious code over the last few days, according to researchers. The attack adds a JavaScript tag to every ...

I have an IIS Web server on my DMZ with two IP addresses assigned to one NIC. I have set the bindings in IIS to run each of the two sites on separate IP addresses. The problem is both sites initiate ...

Mike Chapple is a teaching professor of IT, analytics and operations at the University of Notre Dame. On Dec. 26, 2007, Albert Gonzalez, a 28-year-old resident of Miami, launched an attack against the ...

My colleague Paul Baccas from SophosLabs has blogged about a number of webpages on news websites that have been infected by an SQL Injection attack designed to install malware onto users’ computers.

Over one million websites running the WordPress content management system are potentially at risk of being hijacked due to a critical vulnerability exposed in the WP-Slimstat plugin. On Tuesday, a ...

Sophos experts have discovered that the website of BusinessWeek, the world famous weekly magazine, has been attacked by hackers in an attempt to infect the readership with malware. Hundreds of pages ...

A critical privilege-escalation vulnerability could lead to backdoors for admin access nesting in web servers. A popular WordPress SEO-optimization plugin, called All in One SEO, has a pair of ...

LulzSec, a hacking group that recently made news for hacking into PBS, claimed today that it has broken into several Sony Pictures websites and accessed unencrypted personal information on over 1 ...

Millions of websites used in e-commerce and other sensitive industries are vulnerable to remote take-over hacks made possible by a critical vulnerability that has affected the Joomla content ...

Oracle’s MySQL.com customer website was apparently compromised over the weekend by a pair of hackers who publicly posted usernames, and in some cases passwords, of the site’s users. Taking credit for ...