SQL injection

Update: Researcher Calls In-Flight Entertainment Hacks a Safety Threat

In-brief: Research from the firm IOActive has discovered exploitable holes in in-flight entertainment software from the firm Panasonic Avionics that may make planes vulnerable to hacking and manipulation. Editor’s note: updated with comments from interview with Ruben Santamarta of IOActive. PFR 12/21/2016

Google Unveils OSS-Fuzz to test Open Source Software Security

In-brief: Google’s security team on Thursday announced the release of a new tool, OSS-Fuzz that it says will improve the security of the Internet by providing realtime, automated secruity testing of common open source components.

Toymaker Hack Highlights Dark Side of Tech Industry’s Data Obsession

In-brief: The hack of VTech, a maker of technology products for children, has exposed sensitive data on hundreds of thousands of children, the company acknowledged this week. Also exposed: the toy industry’s growing and unregulated appetite for information on the children who play with their toys.

Update: Chinese Govt. Hackers Still Active Despite Truce

In-brief: A truce hammered out between U.S. President Barack Obama and Chinese President Xi Jinping in September hasn’t kept hacking groups that are believed to be affiliated with China’s People’s Liberation Army (PLA) from playing offense, according to a report from the security firm Crowdstrike. (Updated to add comment from Ken Westin of Tripwire. PFR 10/19/2015)

Verizon: Internet of Things Hacks Pose Little Risk – For Now

In-brief: Verizon said in its latest Data Breach Investigations Report that threats from Internet of Things technologies were more theory than practice in 2014, but that 2015 could see IoT devices play a role in breaches.