Threat Post

Botnet Using Phony Firefox Add-On Scans for Sites Vulnerable to SQL Injection

A botnet posing as a legitimate Firefox add-on is scanning sites visited by compromised computers looking for SQL injection vulnerabilities. Attackers have been automating SQL injection attacks for a ...
Infosecurity-magazine.com

Big Botnet, Posing as Firefox Add-on, Scans Web for SQL Vulnerabilities

According to security researcher Brian Krebs, the botnet, which calls itself Advanced Power, conducts SQL injection attacks on virtually any website visited by the victim. These take advantage of weak ...
CRN

'Mass Meshing' Attack Evades Google Scans

Discovered in January 2011, the new SQL injection variant, which security researchers are calling a mass meshing attack, combines a SQL injection attack coupled with a drive-by download. While the ...
CSOonline

What is SQL injection? How these attacks work and how to prevent them

Immortalized by “Little Bobby Drop Tables” in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists ...