SQL Injection - Security Intelligence

Woman shopping online could be at risk of a recent Magento flaw

news

Magento Flaw Lets Cybercriminals Access E-Commerce Sites Without Authentication

Security researchers discovered a Magento flaw that could enable cybercriminals to penetrate and control features within the popular e-commerce site without authentication.

April 3, 2019 | By Shane Schick

news

Illustration of a laptop under an umbrella: Drupal security flaws

article

Is Your Site Protected Against Drupal Security Flaws?

This past summer saw a pair of Drupal security flaws exposed and patched. Is your website secure?

October 12, 2018 | By David Strom

article

A man using a laptop in a modern office: cybersecurity strategy and policy

article

How Can Media Companies Be More Confident in Their Cybersecurity Strategy and Policy?

According to recent research, only 1 percent of media companies are very confident in their cybersecurity strategy and policy.

September 11, 2018 | By Kacy Zurkus

article

A programmer writing code on a laptop while jotting notes on a piece of paper: application security risk

article

What’s the Best Strategy to Manage Application Security Risk?

To protect their organizations from threat actors targeting software vulnerabilities, security leaders should adopt an integrated approach to application security risk management.

July 6, 2018 | By Hamsa Srinivasan

article

news

Just 1 Percent of Companies Feel Ready to Fend Off Media Security Threats, Survey Reveals

According to a recent study, just 1 percent of U.S. media companies reported high levels of confidence in their ability to withstand a variety of media security attacks.

April 11, 2018 | By Shane Schick

news

A blogging platform displayed on a computer screen.

news

WordPress Issues Security Patch to Mitigate SQL Injection

With its latest update, WordPress patched a vulnerability that could enable malicious plugin and theme developers to execute SQL injection attacks.

November 2, 2017 | By Larry Loeb

news

A leaking spigot against a backdrop of clouds and blue sky.

article

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

According to IBM X-Force, misconfigured cloud databases accounted for more than 71 percent of reported leaked records so far in 2017.

September 21, 2017 | By Jason Kravitz

article

Application-layer protection tends to be a low priority for IT teams despite the fact that application vulnerabilities account for 32 percent of security compromises, according to a Ponemon Institute study on application security and risk management.

article

Why Do We Care So Little About Application-Layer Protection?

In the current world of cloud and agile development, we deliver code monthly, weekly and even daily. One of my engineering teams at IBM affectionately refers to updates as the “daily dose.” We have developed robust processes to ensure...

October 5, 2016 | By Denis Kennelly

article

Command injection attacks remain one of the most serious threats facing enterprises today. A successful one can cause the total compromise of a system, which means enterprises must work vigilantly to prevent the threat from becoming a reality.

article

Command Injection: A Deadly Needle in the Haystack

Command injection attacks may not get a lot of hype, but they can be seriously damaging to an enterprise that isn't careful about its security.

July 14, 2016 | By Dave McMillen

article

Recent IBM X-Force research indicated that many organizations are repeat offenders when it comes to being a cybercrime victim. It seems these enterprises aren't learning from their mistakes and continue to leave doors open for actors.

article

Fool Me Once, Shame on You — Fool Me Eight Times, Shame on My Security Posture?

Organizations with weak security posture are an attractive target for cybercriminals, and they may find themselves coming under fire frequently.

June 23, 2016 | By Michelle Alvarez

article

Attackers Compromise Admin Account to Infect Manufacturing Company With BitPaymer Ransomware

Spear Phishing Report Card: Perfect Scores in School Security Pen Testing

Google 2FA Approach Turns Android Smartphones Into Security Keys

April Scams May Ruin Plans: Threat Actors Ramp Up for Tax Scam Season

Voices of Security

X-Force Red in Action

A Secure Start

On the Front Line With IBM X-Force IRIS

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

How a Cunning Remote Overlay Malware Met Its Match

The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security

Challenges and Opportunities to Close the Cybersecurity Gap in the Financial Services Industry

Credential Dumping Campaign Hits Multinational Corporations

Cybercriminals Spoof Major Accounting and Payroll Firms in Tax Season Malware Campaigns

Buffer Overflow Vulnerability in TP-Link Routers Can Allow Remote Attackers to Take Control

Podcast: Muscle Memory and Cyber Fitness Training

Podcast: Zero Trust and the Evolving Role of Identity and Access Management

Podcast: Digital Identity Trust, Part 3 — Powering Digital Growth With Digital Identity Trust

Podcast: Monitoring National Cybersecurity Trends With Former NSA Deputy Director Bill Crowell

Webinar: MacOS Management Made Easy with MaaS360

Webinar: Encryption is the Fastest Way to Protect Data

Webinar: Under the Radar: Live Webinar and Demo

Webinar: Facilitating Secure Hybrid Cloud Adoption with Guardium

Tag: SQL Injection

Magento Flaw Lets Cybercriminals Access E-Commerce Sites Without Authentication

Is Your Site Protected Against Drupal Security Flaws?

How Can Media Companies Be More Confident in Their Cybersecurity Strategy and Policy?

What’s the Best Strategy to Manage Application Security Risk?

Just 1 Percent of Companies Feel Ready to Fend Off Media Security Threats, Survey Reveals

WordPress Issues Security Patch to Mitigate SQL Injection

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

Why Do We Care So Little About Application-Layer Protection?

Command Injection: A Deadly Needle in the Haystack

Fool Me Once, Shame on You — Fool Me Eight Times, Shame on My Security Posture?