CISA urges software devs mitigatin SQL injection vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a joint alert about making software secure by eliminating SQL injection vulnerabilities. This was in response to a recent major incident involving SQL injection that affected thousands of organizations and emphasizes how common this type of security flaw is.

Even though SQLi flaws are well-known and preventable, developers still create software with these vulnerabilities, endangering numerous users.

• Event
• National

Phoenix Summit 2024: Elevating Cyber security, Impact and Vision

By infosecbulletin / Sunday , April 28 2024

This May, Dhaka, Bangladesh, will host Phoenix Summit 2024, a landmark event in the global cyber security arena. Set from...

Read More

• Alert
• Hot Topic
• International

ALERT: SEKOIA REPORT
PlugX Malware Plagues Over 90k IP Addresses over 170 countries

By infosecbulletin / Saturday , April 27 2024

The worm was first discovered in a 2023 post by security firm Sophos. It became active in 2019 when a...

Read More

• International

Palo Alto network shared latest remediation of CVE-2024-3400

By infosecbulletin / Friday , April 26 2024

Palo Alto Networks has given urgent advice to the remediation of a critical vulnerability, known as CVE-2024-3400, which attackers have...

Read More

• International

CISA Launches Ransomware Vulnerability Warning Pilot for Critical Infrastructure

By infosecbulletin / Friday , April 26 2024

Organizations across all sectors and of all sizes are too frequently impacted by damaging ransomware incidents. Many of these incidents...

Read More

• Hot Topic
• International

WhatsApp warns India to exit, If…

By infosecbulletin / Friday , April 26 2024

According to the report by several Indian media, social media platform Meta will withdraw its entire service from India if...

Read More

• National

Fake e-mail of Rajshahi Univ VC’ name-picture, sending messages

By infosecbulletin / Friday , April 26 2024

Someone is pretending to be Rajshahi University Vice-Chancellor, Professor Dr. Golam Sabbir Sattar, by creating a fake email account and...

Read More

• Cyber Attack
• Data Breach
• International

Bad actor threat to expose BSNL 2.9 million data

By infosecbulletin / Friday , April 26 2024

Platform BreachForum, bad actor perell, same person who claimed to expose the data of "Bharat Sanchar Nigam Limited" BSNL for...

Read More

• Data Breach
• International

India’s ICICI Bank exposed thousands of credit cards to ‘wrong’ users

By infosecbulletin / Thursday , April 25 2024

“Our customers are our utmost priority and we are wholeheartedly dedicated to safe guarding their interests. It has come to...

Read More

• International

CISA Releases Eight Industrial Control Systems Advisories

By infosecbulletin / Thursday , April 25 2024

CISA issued eight advisories about Industrial Control Systems (ICS) on April 25, 2024. The advisories share important information about security...

Read More

• Vulnerabilities

Google fixed critical Chrome vulnerability CVE-2024-4058

By infosecbulletin / Thursday , April 25 2024

Google fixed a serious Chrome bug known as CVE-2024-4058 in the ANGLE graphics layer engine along with four vulnerabilities in...

Read More

CISA and the FBI advise leaders of tech manufacturing companies to check their code for SQL injection risks. If there are vulnerabilities, executives must make sure their software teams fix the issue in all present and future software.

For guidelines and best practices, visit the CISA Secure by Design page. To see previous publications, check Secure by Design Alerts.