FYI...
Automated SQL injection attacks...
- http://www.darkreading.com/shared/pr...leID=223100129
Feb. 22, 2010 - "SQL injections top plenty of lists as the most prevalent means of attacking front-end Web applications and back-end databases to compromise data... analysis of the Web Hacking Incidents Database* (WHID) shows SQL injections as the top attack vector, making up 19 percent of all security breaches examined by WHID. Similarly, in the "Breach Report for 2010" (PDF) released by 7Safe* earlier this month, a whopping 60 percent of all breach incidents examined involved SQL injections... criminals are increasingly using automated SQL injection attacks powered by botnets to hit vulnerable systems... the purpose of those attacks is really to inject JavaScript redirectors into Web pages so that legitimate Web pages end up redirecting their users to exploit toolkits..."
* http://webappsec.pbworks.com/Web-Hac...ident-Database
** http://7safe.com/breach_report/Breach_report_2010.pdf