SQL Injection Attack Spreads

[Source: SANS NewsBites] An SQL injection attack (SQL injection is a code injection technique that exploits a security vulnerability occurring in the database layer of an application) appears to have infected more than 1 million URLs. Some say the reported number of infections may be inflated, as the counts may include pages discussing the attack, although the number of infected URLs was significantly smaller in early December 2011. The malware is called lilupophilupop. The attack appears to be partly automated and partly manual. The .NL domain (the Netherlands) has the greatest number of infections.

Read the full story here.


About MIT
IT Security Awareness Consultant and Communications Specialist at MIT

Comments are closed.

%d bloggers like this: