Sign Up! | Tags | Domains | Statistics | Options | Advanced Search
|
Sign Up! | Tags | Domains | Statistics | Options | Advanced Search |
technet.com » 꼬알라의 하얀집... - Aug 30, 2008
상당히 많은 수의 웹 사이트가 SQL 인젝션(SQL Injection) 공격 에 대해 방어를 하고 있고, 취약점이 노출되었을 경우, 피해는 말로 표현할 수가 없습니다. 해킹을 당한 사례가 있는 플랫폼의 경우, 상당수가 SQL 인젝션을 통한 공격을 당한 것으로 저도 지인에게 들은 적이 많습니다. SQL 인젝션 공격을 방어할 수 있는 방법은 다음과 같은 개발 방법론 을 사용하는 것뿐입니다 …
Also tagged: news, security, microsoft, iis, iis 7, 보안, 새소식, 마이크로소프트, windows server 2008, urlscan, sql 인젝션
 |
MMUG: Second Meeting Review and Slidespythian.com » Pythian Group Blog - Aug 29, 2008 The Malta MySQL User Group (MMUG) met for the second time this Thursday, and compared to last time, we had a much better venue: Ixaris Systems let us use their board room, so we had all the tools we needed to have a … Also tagged: mysql, pythian europe, mmug, mysql backup |
 |
SQL Injection Attacks In The Wild - Why They’re Working And What To Dolockergnome.com » IT Professionals - Aug 14, 2008 A bunch of IT and Web-app teams have lost a lot of sleep lately… Over the past several days, a significant number (in the thousands) of Web applications, some of them well-known and well-used, have fallen victim to a … Also tagged: security, sql, sql attack |
technet.com » Todo es posible, nada es seguro - Jul 26, 2008
Hay muchos sitios y blogs que hablan sobre el tema de inyección SQL. Puede encontrar toda la información en este artículo, y más, en los sitios siguientes: El blog de SWI …
Also tagged: seguridad
technet.com » blueberry - Jul 26, 2008
We all know what is SQL Injection and how disastrous it can be. If you have dynamic SQL in your code, then you should look for the problem. string sqlStatement = string .Format( "select * from authors where city = …
technet.com » 日本のセキュリティチーム (Japan Security Team) - Jul 26, 2008
小野寺です。 ニュースとしては、比較的下火になっているかもしれない、SQL インジェクションの対策が済んでいないサイトが、まだまだ、残っています。 しかし、実際に対策を進めてみると「検査方法が分からない」「開発元がもうすでに・・・」「色々有ってコードが変更できない」といった様々なフィードバックというか悩みがでてきます。 現在のSQL …
Also tagged: 脆弱性, 検査, web アプリケーション
technet.com » 日本のセキュリティチーム (Japan Security Team) - Jul 26, 2008
小野寺です。 セキュリティ デベロップメント (SDL: Security Development Lifecycle) って本当にやってるの? ということを、聞かれることがあるが、実は結構真面目にやっていたりします。 この辺りの現場の声を Web Application Security Forum の2日目 (7/5) で話すことになりました。 といっても、話すのは私ではなく、ソニーの松並氏 …
Also tagged: 時事ネタ, 脆弱性, 検査, targeted attack, 開発プロセス, web アプリケーション
technet.com » Security Vulnerability Research & Defense - Jul 26, 2008
The MSRC released an advisory today that discusses the recent SQL injection attacks and announces three new tools to help identify and block these types of vulnerabilities. The advisory discusses the new tools, the …
Also tagged: tools
technet.com » Security Vulnerability Research & Defense - Jul 26, 2008
(Special thanks to Neil Carpenter for helping out on this blog post) Recent Trends Beginning late last year, a number of websites were defaced to include malicious HTML tags in text that was stored in a SQL database …
Also tagged: attack
cio.com » Advice and Opinion - - Jul 21, 2008
SQL injection attacks are evolving as one of the primary modes of transportation for malicious scripts that hackers insert into legitimate Web sites. read more
Also tagged: news, hipaa, malware, applications, government, virus, sox, trojan, glb, iframe, regulatory compliance