Welcome to TechNet Blogs
Sign in
|
Join
|
Help
Neil Carpenter's Blog
Forefront products, WSUS, Security Incident Response, and whatever else comes up.
This Blog
Email
Syndication
RSS 2.0
Atom 1.0
Search
Go
Tags
Antigen
ASP
asp.net
Forefront
FSSMC
General
humor
Incident Response
iphone
Mobile
Networking
Security
SQL
Tool
Archives
August 2008 (2)
July 2008 (3)
June 2008 (1)
May 2008 (4)
April 2008 (2)
March 2008 (3)
August 2007 (2)
July 2007 (2)
June 2007 (2)
October 2004 (3)
June 2004 (4)
About Me
Bio
Disclaimer
March 2008 - Posts
Thursday, March 20, 2008 5:50 PM
Good News
The good news is that, whatever else might happen, these guys won't get pwned by SQL injection. (Via GrumpySecurityGuy .)
Posted by
neilcar
|
0 Comments
Filed under:
humor
,
Security
Saturday, March 15, 2008 9:18 PM
Anatomy of a SQL Injection Incident, Part 2: Meat
Intro It would appear that the incident I wrote about yesterday is still ongoing. I've been using a search engine to query for the *.js file that's being injected and it looks something like this: Wednesday: 10K hits (This is Avert's number. I didn't
Posted by
neilcar
|
14 Comments
Filed under:
Incident Response
,
Security
,
SQL
Friday, March 14, 2008 4:19 PM
Anatomy of a SQL Injection Incident
A number of people are reporting that 10K+ websites have been hacked via a SQL injection attack that injected a link to a malicious .js file into text fields in their database. For example, here's Avert Labs report . The reports that I've seen talk about
Posted by
neilcar
|
14 Comments
Filed under:
Incident Response
,
Security
,
SQL
