CISA urges software devs mitigatin SQL injection vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint alert about making software secure by eliminating SQL injection vulnerabilities. This was in response to a recent major incident involving SQL injection that affected thousands of organizations and emphasizes how common this type of security flaw is.

Even though SQLi flaws are well-known and preventable, developers still create software with these vulnerabilities, endangering numerous users.

• Bank
• National

Bangladesh bank published CBS guideline Version 2.0

By infosecbulletin / Monday , May 13 2024

The banking industry in Bangladesh is the core driver in economic development of the country. The focus on inclusion and...

Read More

• International
• Vulnerabilities

Fortinet report
Attackers exploiting vulnerabilities 50% faster, just 4.76 days

By infosecbulletin / Monday , May 13 2024

Fortinet reported that in the second half of 2023, the average time form the disclosure of a vulnerability to its...

Read More

• Cyber Attack

TechCrunch report
Indian gov.t sites compromised to plant online betting ads

By infosecbulletin / Sunday , May 12 2024

Indian government websites have been used by scammers to place ads that send visitors to online betting sites. TechCrunch found...

Read More

• Cyber Attack
• Data Breach
• Ransomware

Damage Costs Predicted To Exceed $265 Billion By 2031
Ransomware expected to attack every 2 seconds by 2031

By infosecbulletin / Sunday , May 12 2024

Ransomware damage costs are predicted to exceed $265 billion by 2031, and it is expected to be the fastest growing...

Read More

• Alert

ALERT CISA WARNS
Black Basta ransomware breached over 500 orgs worldwide

By infosecbulletin / Saturday , May 11 2024

CISA, FBI, HHS, and MS-ISAC released a joint Cybersecurity Advisory called #StopRansomware: Black Basta. It provides tactics, techniques, procedures, and...

Read More

• International

Cyber Attack On Data Center Cooling Systems results disruption

By infosecbulletin / Saturday , May 11 2024

According to cybersecurity analysts at Dragos, while cloud adoption offers many benefits for industrial companies , it also poses certain...

Read More

• Vulnerabilities

Chrome Zero-Day Alert — Update Your Browser to Patch

By infosecbulletin / Friday , May 10 2024

Google released an urgent security update for Chrome browser. The update fixes a critical vulnerability that is already being exploited...

Read More

• Hot Topic
• Vulnerabilities

Dell Discloses Data Breach: 49 million customers allegedly affected

By infosecbulletin / Friday , May 10 2024

A security breach has been reported, with a threat actor claiming to be selling a database with 49 million customer...

Read More

• Vulnerabilities

BIG VULNERABILITIES IN NEXT-GEN BIG-IP

By infosecbulletin / Thursday , May 9 2024

Eclypsium recently found flaws in F5’s BIG-IP Next Central Manager, which could let attackers take control of the network. BIG-IP...

Read More

• Cyber Attack
• Data Breach

UK confirms Ministry of Defence payroll data exposed in data breach

By infosecbulletin / Wednesday , May 8 2024

he UK government confirmed that hackers recently broke into the country's Ministry of Defence and accessed part of the Armed...

Read More

CISA and the FBI advise leaders of tech manufacturing companies to check their code for SQL injection risks. If there are vulnerabilities, executives must make sure their software teams fix the issue in all present and future software.

For guidelines and best practices, visit the CISA Secure by Design page. To see previous publications, check Secure by Design Alerts.