
CISA and FBI warn about SQL injection vulnerabilities

Preventive measures and mitigation strategies against one of the most serious cybersecurity risks

CISA and FBI warn tech companies about the risks of SQL injection, suggesting the use of parameterized queries for security. Despite known countermeasures, attacks persist, highlighting the need for improved security strategies in software.


CISA and the FBI have brought to the attention of technology executives the importance of formally reviewing software products to identify and mitigate SQL injection (SQLi) vulnerabilities before they are released to the market. In a SQL injection attack, the attacker supplies crafted input through fields such as login forms, search boxes or URL parameters; where the application splices that input directly into a SQL query, the database parses it as SQL rather than as data and executes unintended commands, which may exfiltrate, manipulate or delete sensitive data.

Recommended tools and threat context

Security experts recommend using parameterized queries (prepared statements) to prevent SQLi vulnerabilities: the SQL text is fixed in advance and user-supplied values are bound to placeholders, so the database never interprets those values as SQL commands. This method is preferable to input sanitization, which can be circumvented and is difficult to implement consistently at scale. SQL injection is ranked as the third most dangerous software weakness in MITRE's 2023 CWE Top 25, preceded only by out-of-bounds writes and cross-site scripting.
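The following is an added example, not code from the advisory or from any product it mentions. It shows, against a constructed in-memory SQLite table, why string-built queries are exploitable, why quote-escaping ("sanitization") is not a general fix, and how a bound parameter neutralises the same payloads. The table, the sample rows and the payload strings are all constructed for the demonstration.

```python
import sqlite3

# Constructed sample data (not from the advisory): a tiny users table
# in an in-memory SQLite database so the example runs offline.
def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, email) VALUES (?, ?)",
        [
            ("alice", "alice@example.com"),
            ("bob", "bob@example.com"),
            ("carol", "carol@example.com"),
        ],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, username: str) -> list:
    # VULNERABLE: the caller's string is spliced into the SQL text, so a
    # quote inside it closes the literal and the rest is parsed as SQL.
    sql = f"SELECT username, email FROM users WHERE username = '{username}'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn: sqlite3.Connection, username: str) -> list:
    # HARDENED: the SQL text is constant; the value is sent separately as a
    # bound parameter and is compared as data, never parsed as SQL.
    sql = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def lookup_by_id_escaped(conn: sqlite3.Connection, user_id: str) -> list:
    # STILL VULNERABLE: doubling single quotes is the classic "sanitization",
    # but in a numeric context no quote is needed to break out of the
    # literal, so the escaping does nothing.
    escaped = user_id.replace("'", "''")
    sql = f"SELECT username, email FROM users WHERE id = {escaped}"
    return conn.execute(sql).fetchall()


def lookup_by_id_parameterized(conn: sqlite3.Connection, user_id: str) -> list:
    # HARDENED: the same numeric lookup with a bound parameter. The payload
    # string is compared with the integer column as a value; it matches
    # nothing. Real code would additionally parse user_id to int first.
    sql = "SELECT username, email FROM users WHERE id = ?"
    return conn.execute(sql, (user_id,)).fetchall()


# Constructed attacker inputs: a tautology for the string context and a
# bare boolean for the numeric context.
STRING_PAYLOAD = "x' OR '1'='1"
NUMERIC_PAYLOAD = "1 OR 1=1"


def demo() -> dict:
    conn = make_db()
    return {
        "vulnerable": lookup_vulnerable(conn, STRING_PAYLOAD),
        "parameterized": lookup_parameterized(conn, STRING_PAYLOAD),
        "legit": lookup_parameterized(conn, "bob"),
        "escaped_numeric": lookup_by_id_escaped(conn, NUMERIC_PAYLOAD),
        "parameterized_numeric": lookup_by_id_parameterized(conn, NUMERIC_PAYLOAD),
    }


if __name__ == "__main__":
    for name, rows in demo().items():
        print(f"{name}: {len(rows)} row(s) -> {rows}")
```

The string-built query returns every row because the tautology `'1'='1'` is evaluated as SQL; the quote-escaped numeric query returns every row too, because nothing in the payload needed escaping. Both parameterized variants return no rows for the payloads and the expected single row for a legitimate username, which is the separation of code from data that the advisory recommends.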

Importance of early mitigation of vulnerabilities

The joint CISA and FBI alert follows the series of Clop ransomware attacks, starting in May 2023, that exploited a zero-day SQLi vulnerability in the Progress MOVEit Transfer application, affecting thousands of organizations around the world. Despite the large number of victims, it is estimated that only a small fraction of them actually agreed to pay the ransom. Even so, the campaign is estimated to have earned the criminal group between 75 and 100 million dollars.

Call to action for improved software security

While SQL injection has been widely recognized and documented for over two decades, and effective mitigations are well known, software vendors continue to release products affected by this flaw, exposing numerous users to significant risk. Recently, the White House Office of the National Cyber Director (ONCD) urged technology companies to adopt memory-safe programming languages, such as Rust, to reduce memory-safety vulnerabilities. Additionally, as early as January, CISA urged manufacturers of small office and home office (SOHO) routers to secure their devices against ongoing attacks, including those coordinated by the Chinese state-backed hacking group Volt Typhoon.


03/25/2024 19:01

Editorial AI
