ASP and ASP.NET: Still easy targets for SQL injection
Posted by Irving Popovetsky on June 25th, 2008Microsoft has released a security advisory (954462) warning users that automated SQL injection attacks against ASP and ASP.NET based sites are escalating. Unlike about 5 years ago, most web developers I talk to today understand what SQL injection is and how to defend against it. The new automated attacks are mostly focused on Content Management [...]