
CISA and FBI warn about SQL injection vulnerabilities

Preventive measures and mitigation strategies against one of the most serious cybersecurity risks

CISA and FBI warn tech companies about the risks of SQL injection, suggesting the use of parameterized queries for security. Despite known countermeasures, attacks persist, highlighting the need for improved security strategies in software.


CISA and the FBI have urged technology executives to formally review their software products and to identify and mitigate SQL injection (SQLi) vulnerabilities before those products reach the market. In a SQL injection attack, the attacker supplies input (through a form field, URL parameter, header or similar) that the application splices directly into a SQL query, so that the input is interpreted as SQL code rather than as data; the resulting unintended commands can exfiltrate, modify or delete sensitive data.

Recommended tools and threat context

Security experts recommend parameterized queries (prepared statements) as the primary defense against SQLi: the SQL text is fixed at the time the statement is prepared and user-supplied values are bound separately, so malicious input can never change the structure of the query. This is preferable to input sanitization, which can be bypassed (for example, escaping quotes does nothing in a numeric context) and is hard to apply consistently at scale. SQL injection ranks third in MITRE's CWE Top 25 Most Dangerous Software Weaknesses, behind only out-of-bounds writes and cross-site scripting.
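The contrast drawn above, as an added example that is not part of the advisory or the original article: an in-memory SQLite database with constructed sample users, a login query built by string concatenation next to its parameterized form, and a numeric lookup that shows why quote-escaping "sanitization" is not a substitute for parameter binding. All table and function names are illustrative.

```python
import sqlite3


def make_db():
    """Constructed sample data for the demonstration (not real accounts)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, "
        "password TEXT, role TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (username, password, role) VALUES (?, ?, ?)",
        [("alice", "s3cret", "admin"), ("bob", "hunter2", "user")],
    )
    return conn


def login_vulnerable(conn, username, password):
    # Classic SQLi: the input is spliced into the SQL text, so a quote in the
    # input closes the string literal and the rest is parsed as SQL.
    sql = (
        "SELECT username FROM users WHERE username = '"
        + username + "' AND password = '" + password + "'"
    )
    return sorted(row[0] for row in conn.execute(sql))


def login_parameterized(conn, username, password):
    # Prepared statement: the query structure is fixed here; the values are
    # bound by the driver and can only ever be compared as data.
    sql = "SELECT username FROM users WHERE username = ? AND password = ?"
    return sorted(row[0] for row in conn.execute(sql, (username, password)))


def escape_quotes(value):
    # The kind of "sanitization" the advisory warns against relying on.
    return value.replace("'", "''")


def user_by_id_sanitized(conn, user_id):
    # Escaping quotes is irrelevant in a numeric context: the attacker does
    # not need a quote to append "OR 1=1" after the number.
    sql = "SELECT username FROM users WHERE id = " + escape_quotes(user_id)
    return sorted(row[0] for row in conn.execute(sql))


def user_by_id_parameterized(conn, user_id):
    # Bound as a single value: "1 OR 1=1" is compared to the id column as
    # one (non-numeric) string and matches nothing.
    sql = "SELECT username FROM users WHERE id = ?"
    return sorted(row[0] for row in conn.execute(sql, (user_id,)))


if __name__ == "__main__":
    db = make_db()
    # Authentication bypass: the trailing "--" comments out the password check.
    print("vulnerable login, payload alice'--   :", login_vulnerable(db, "alice'--", ""))
    print("vulnerable login, payload ' OR 1=1 --:", login_vulnerable(db, "' OR 1=1 --", ""))
    print("parameterized login, same payload    :", login_parameterized(db, "alice'--", ""))
    print("sanitized numeric lookup, 1 OR 1=1   :", user_by_id_sanitized(db, "1 OR 1=1"))
    print("parameterized numeric lookup, same   :", user_by_id_parameterized(db, "1 OR 1=1"))
```

Run it with any Python 3 interpreter; `sqlite3` is in the standard library. The vulnerable login returns a row for a user whose password was never checked, the quote-escaping lookup still returns every user, and both parameterized versions return nothing for the same payloads. The same pattern applies to any driver that supports bound parameters (`%s` placeholders in psycopg, `?` in JDBC, and so on).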

Importance of early mitigation of vulnerabilities

The joint CISA and FBI alert follows the wave of Clop ransomware attacks that began in May 2023 and exploited a zero-day SQLi vulnerability in Progress Software's MOVEit Transfer application, affecting thousands of organizations worldwide. Although only a small fraction of the victims are believed to have paid, the campaign is estimated to have earned the criminal group between 75 and 100 million dollars.

Call to action for improved software security

Although SQL injection has been recognized and documented for more than two decades, and effective mitigations are well known, software vendors continue to ship products affected by this flaw, exposing large numbers of users to significant risk. The alert is part of a broader push for secure-by-design development: the White House Office of the National Cyber Director (ONCD) recently urged technology companies to adopt memory-safe programming languages such as Rust to reduce memory-safety vulnerabilities, and in January CISA called on manufacturers of small office and home office routers to harden their devices against ongoing attacks, including those carried out by the Chinese state-sponsored group Volt Typhoon.


03/25/2024 19:01

Marco Verro
