Every seasoned developer will know that protecting your website from a hacker is a top priority, whether for your own reputation or for maintaining your company’s reputation and log-term revenue prospects.
Tags: Adobe, Application.cfc, Application.cfm, attack, best practice, Business, cfquery, cfqueryparam, ColdFusion, ColdFusion Administrator, cross-site scripting, database server, Databases, encryption, firewall, how to, howto, Java, Manitoba, Mark Kruger, prevention, protection, raw processing, RDBMS, script protect, security, software releases, SQL, SQL Injection, url, variables, vulnerability, Web Application Hacker, web code, Web Security, Web Server, Web Servers, webserver, XSS
In my previous post, What is a SQL Injection Attack, I gave a brief overview of SQL injection and Cross-Site Scripting (XSS), primarily with regard to websites. In the example given, we saw that an attack could take the form of a ‘hacked’ URL which contained either a literal SQL statement, or a hexadecimal string that could be interpreted by an insecure SQL database server.
Tags: attack, backup, ColdFusion, cross-site scripting, database, database server, hack, hacking, how to, howto, programatically, restore, rollback, script, Scripting, SQL, XSS
Over the past few weeks, subversive elements in the international arena have decided that attacking websites is a fun thing to do! The online world has become the new battle ground between nations vying to de-stabilise rivals. This may seem all very Jack Bauer, but we are increasingly seening ‘SQL injection attacks’ eminating from countries such as Russia, China and North Korea. Of course, that doesn’t mean our countries aren’t doing the same in return, but we only see the results from foreign-based attacks.
Tags: attack, C#, China, ColdFusion, cross-site scripting, hack, hacking, malicious web users, North Korea, online world, Russia, SQL, SQL Injection, T, url, web applications, XSS