Bleeping Computer

Telegram-Based SQL Injection Scanner Available for $500 on Hacking Forum

A new tool is making the rounds on the criminal underground. Called Katyusha Scanner, this is a hybrid between a classic SQL injection (SQLi) vulnerability scanner and Anarchi Scanner, an open-source ...
Threat Post

Botnet Using Phony Firefox Add-On Scans for Sites Vulnerable to SQL Injection

A botnet posing as a legitimate Firefox add-on is scanning sites visited by compromised computers looking for SQL injection vulnerabilities. Attackers have been automating SQL injection attacks for a ...
Threat Post

Telegram-Controlled Hacking Tool Targets SQL Injection at Scale

The Katyusha Scanner can find SQL injection bugs at scale, and is managed via the Telegram messenger on any smartphone. A black market hacking tool has the potential to rapidly conduct website scans ...
Security

Cybersecurity Awareness Month: How to mitigate an SQL Injection Attack

In response to this, the application security SaaS company Indusface has detailed the potential financial impact of SQL Injection attacks on businesses. Additionally, they offer best practices to help ...
Dark Reading

SQL Injection Attacks Haunt Retailers

Retail and other industries that accept payment cards for transactions say the infamous SQL injection attack is either intensifying or remaining status quo. In a new Ponemon Institute report on SQL ...
CRN

'Mass Meshing' Attack Evades Google Scans

Discovered in January 2011, the new SQL injection variant, which security researchers are calling a mass meshing attack, combines a SQL injection attack coupled with a drive-by download. While the ...
TechRepublic

SQL injection attacks: A cheat sheet for business pros

SQL injection has been a major security risk since the early days of the internet. Find out what's at risk, and how cybersecurity pros can defend their organizations. Few things terrify IT security ...