CSO Online

Fortinet hit by another exploited cybersecurity flaw

A critical SQL injection flaw in FortiClient EMS allows remote code execution and data exfiltration, leaving thousands of ...
InfoWorld

DDoS and SQL injection are hot topics on hacking forums

Distributed denial of service and SQL injection are the main types of attack discussed on hacking forums, according to new research from security vendor Imperva. Underground discussion forums are an ...
Dark Reading

Cacti Monitoring Tool Spiked by Critical SQL Injection Vulnerability

A critical vulnerability in the Cacti Web-based open source framework for monitoring network performance gives attackers a way to disclose Cacti's entire database contents — presenting a prickly risk ...
The Verge

Researchers say a bug let them add fake pilots to rosters used for TSA checks

A pair of security researchers say they discovered a vulnerability in login systems for records that the Transportation Security Administration (TSA) uses to verify airline crew members at airport ...
Bleeping Computer

Microsoft: Hackers target Azure cloud VMs via breached SQL servers

Hackers have been observed trying to breach cloud environments through Microsoft SQL Servers vulnerable to SQL injection. Microsoft's security researchers report that this lateral movement technique ...