CyberNews Briefs

Researchers Show How SQLite Can Be Modified to Attack Apps

Check Point researchers have developed a new attack technique that takes advantage of memory safety issues in the widely used SQLite database engine. It allows attackers to execute commands in applications that rely on the engine for data storage.

The discovered flaws represent a very serious threat because SQLite is everywhere. It is used by Windows 10, Mac, Android and iOS devices and is embedded in popular browsers and applications like  Skype, iTunes, Dropbox, as well as in various Internet-of-things devices. According to Omer Gull of Check Point, the research makes it apparent that “defenders should now take into consideration the fact that simply querying a database might have disastrous consequences and act accordingly,” because “attackers can now leverage the use of SQLite database for their own malicious intent.”

Read more: Researchers Show How SQLite Can Be Modified to Attack Apps

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.