Mass SQL Injection Attack Hits 1 Million Sites

“To have input validation turned off on their Web servers seems crazy,” he says. “There is literally a script feature on ASP.NET that checks input validation, and it’s on by default. These people have turned it off, and I cannot wrap my head around why they’re turning it off.”

Why would you disable the safety features of your development language, and put them into production like that?

via Mass SQL Injection Attack Hits 1 Million Sites – Dark Reading.

Be Sociable, Share!

Leave a Reply