SQL Injection Attacks by Example

Posted on Friday, January 13, 2012 @ 15:26:03 CST in Security
by Raven

Southern writes:  
"SQL Injection" is a subset of the unverified/unsanitized user input vulnerability ("buffer overflows" are a different subset), and the idea is to convince the application to run SQL code that was not intended. If the application is creating SQL strings naively on the fly and then running them, it's straightforward to create some real surprises.

We'll note that this was a somewhat winding road with more than one wrong turn, and others with more experience will certainly have different -- and better -- approaches. But the fact that we were successful does suggest that we were not entirely misguided.

There have been other papers on SQL injection, including some that are much more detailed, but this one shows the rationale of discovery as much as the process of exploitation.

more: UnixWiz
 

 

Connection Strings Explained

Posted on Friday, January 13, 2012 @ 15:24:43 CST in Internet
by Raven

Southern writes:  
Connection strings can be a bit obscure and are not often defined in a consistent way. This article straightens things out and sheds some light on how connection strings are used to connect an application to a data source.

Introduction

When your application connects to a database or a data file you let ADO or ADO.Net utilize a provider to do the job for you. The connection string contains the information that the provider needs to know to be able to establish a connection to the database or the data file. Because there are different providers and each provider has multiple ways to make a connection, there are many different ways to write a connection string. It's like the address when sending regular mail. Depending on the origin and destination and who is going to make the transport, you need to write down the address in different ways.

more: Connection Strings

see also: The Connection String Reference
 

 

Opera Multiple Vulnerabilities

Posted on Wednesday, December 07, 2011 @ 16:10:48 CST in Security
by Raven

SECUNIA ADVISORY ID: SA47077

VERIFY ADVISORY: http://secunia.com/advisories/47077/

RELEASE DATE: 2011-12-06

DESCRIPTION: Multiple vulnerabilities have been reported in Opera, where one has an unknown impact and others can be exploited by malicious people to bypass certain security features, disclose potentially sensitive information, and hijack a user's session. The vulnerabilities are reported in versions prior to 11.60.
 

 

Download.Com Caught Adding Malware to Nmap & Other Software

Posted on Wednesday, December 07, 2011 @ 16:01:21 CST in Security
by Raven

Southern writes:  
CNET's Download.Com is one of the most popular (currently ranked #174 worldwide by Alexa) and longest-running (been around since 1996) major sites on the Internet. As a download repository, their key value-add was that they screened software to avoid malware, spyware, ad-ware, viruses and other harmful content that certain shady software contains. Even many security experts recommended them as a safe place to download software online. Download.Com is run by CNET, which is part of the 17-billion dollar CBS media empire. Many people assumed that a major site like this wouldn't resort to unethical monetization schemes like adding spyware and other malware to their downloads.

Unfortunately, those people were wrong.
 

 

Spammers and Medications

Posted on Wednesday, December 07, 2011 @ 15:58:01 CST in Miscellaneous-Off Topic
by Raven

papamike writes:  
Have you ever wondered why most spammers advertise medications and send you to sites that look legit? The reason is because they are selling illegal, dangerous, and copycat products. The worst part of the scam is that they also get your credit card number, home address, email address, and possibly your phone number too. Identity theft is a big player in this counterfeit drug scam. The crooks usually get away with three things:

1. Spamming your email or website or both.
2. Profiting from your purchase of potentially life-threatening medications that they have made themselves.
3. Stealing your identity.

And I'm not just talking about China, it happens in all countries including the USA. It's important to stop these spammers.
 

 

SQL Injection Attack happening ATM, 4000+ sites infected

Posted on Sunday, December 04, 2011 @ 09:24:11 CST in Security
by Raven

Crypto writes:  
There have been several reports of sites being injected with a php-string. Typically code is inserted into several tables. From the information gathered so far it looks targeted at ASP, IIS and MSSQL backends, but that is just speculation at this time.

When discovered yesterday about 80 sites showed in Google, this morning about 200, by lunch 1000 and a few minutes ago 4000+.
 


