AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

CISA and FBI warn about sql injection vulnerabilities

Preventive measures and mitigation strategies against one of the most serious cybersecurity risks

CISA and FBI warn tech companies about the risks of SQL injection, suggesting the use of parameterized queries for security. Despite known countermeasures, attacks persist, highlighting the need for improved security strategies in software.

This pill is also available in Italian language

CISA and the FBI have brought to the attention of technology executives the importance of formally reviewing software products to identify and mitigate SQL injection (SQLi) vulnerabilities before they are released to the market. With SQL injection, attackers inject malicious SQL queries into input fields, exploiting application security gaps to execute unintended SQL commands, such as exfiltration, manipulation, or deletion of sensitive data.

Recommended tools and threat context

Security experts recommend using parameterized queries with crafted statements to prevent SQLi vulnerabilities, as they separate SQL code from user-supplied data, preventing malicious input from being interpreted as SQL commands. This method is preferable to input sanitization, which can be circumvented and is difficult to implement at scale. SQLi vulnerabilities have been identified as the third most dangerous threat according to MITER, preceded only by out-of-bounds writes and cross-site scripting.

Importance of early mitigation of vulnerabilities

The joint CISA and FBI alert follows the series of Clop ransomware attacks, starting in May 2023, that exploited a zero-day SQLi vulnerability in the Progress MOVEit Transfer application, affecting thousands of organizations around the world. Despite the large number of victims, it is estimated that only a limited number of them actually agreed to pay the ransom. This however generated estimated earnings for the criminal group of between 75 and 100 million dollars.

Call to action for improved software security

While the SQLi vulnerability has been widely recognized and documented for over 2 decades, with effective mitigation measures well known, software vendors continue to release products affected by this flaw, exposing numerous users to significant risk. Recently, the White House Office of the National Cyber Director (ONCD) urged technology companies to adopt secure memory management programming languages, such as Rust, to reduce memory security vulnerabilities. Additionally, as early as January, CISA urged manufacturers of home office and small office routers to ensure the security of the devices against ongoing attacks, including those coordinated by the Chinese state-backed hacking group Volt Typhoon.

Follow us on Twitter for more pills like this

03/25/2024 19:01

Editorial AI

Complementary pills

SQL injection: from understanding to preventionUnderstand, address and prevent cyber attacks via SQL injection

SQL injection vulnerability affects MOVEit Transfer: A security appealProgress software confirms a serious risk for organizations. Researchers and security professionals investigate the impact of the incident

Last pills

Career opportunities in Italian intelligence: entering the heart of securityFind out how to join the intelligence forces and contribute to national security

Hacker attack impacts Microsoft and US federal agenciesNational security implications and strategic responses to credential theft

Implications and repercussions of the serious cyberattack on the Lazio NHSConsequences and punitive measures after the ransomware attack that brought the regional healthcare system to its knees

Telecommunications security: flaw exposes conversations and 2FA to the risk of interceptionRisk of privacy violation through call diversion: measures and industry responses