Posts

Showing posts from June, 2019

SQL Injection

Week Two. TL;DR: SQL commands are used to query a database. These queries can be used to interact with the database in malicious ways. From the client side, data can be manipulated, passwords can be changed, and access control can be bypassed. SQL (Structured Query Language) injection is an attack that allows manipulation of the database by supplying malicious SQL queries as user input. Any web application or website that connects to a database can be vulnerable to a SQL injection attack. SQL database management systems include MySQL and Oracle. A successful attack can give the attacker access to database information such as user details and credit card information. Attackers could also gain administrative privileges, delete tables from the database, or modify data. SQL injection is at the top of the OWASP (Open Web Application Security Project) Top 10 list of threats to web applications as of 2017 (Acunetix, n.d.). HOW SQL...

INTRODUCTION TO MY BLOG

My blog touches on issues ranging from security threats, vulnerabilities and exploits to mitigation techniques. Some new technologies pertinent to cybersecurity are also discussed extensively. We take a look at why an attack is potent and how it is carried out in real time. It is important to be aware of how an attacker could attempt to gain unauthorized access to information, as well as a plethora of other attack vectors. One major part of information security is identifying and implementing countermeasures to respond to these threats. It is important for us as security professionals not only to identify threats but also to provide methods to control the risks identified. Cultivating this habit goes a long way in helping us to be proactive while securing information.