USNCVA - Now Read This

NOW READ THIS
("Security Advisory")

Go Back

Submitted by: Bill Hickey
NCVA Listmaster

NRT-0621 Hackers infect Business Week Web site via SQL‑injection:

Security firm Sophos recently confirmed that hundreds of pages within Business Week's Web site had been infected with malicious code, according to an online news report. The Business Week site is one of the 1,000 busiest Web sites on the Internet. According to Sophos, the attackers apparently ran the operation through Business Week's online job‑hunting application. Business Week reportedly removed the offending Web application and assessed that no user data were compromised.

Structured query language (SQL)‑injection attacks, which enter specially crafted code into a Web page's input field that can covertly redirect users to malicious sites, were behind the infections. In the case of Business Week, the code redirected users to an attack page hosted in Russia, according to Sophos.

[vnunet.com 16Sep08]

Last Modified: Friday, 10-Oct-2008 12:41:55 EDT

NOW READ THIS ("Security Advisory")

NRT-0621 Hackers infect Business Week Web site via SQL‑injection:

NOW READ THIS
("Security Advisory")