Rapid7 Announces Critical Vulnerability Check for Automated SQL Injection
May 13, 2008[From PR Newswire]
BOSTON, May 13 /PRNewswire/ -- Rapid7 announced today that NeXpose includes a check to detect web servers that have been hit by the recent automated mass SQL injection attacks. Web sites hit by this SQL injection attack have their web page contents modified to point to malware that is automatically downloaded by any visitor to the site. These sites are all vulnerable to SQL injection (or have recently been vulnerable) and were hacked by this automated hacker toolkit. In addition, by executing a Google search on the malware server name, hackers can find sites that have been already been exploited.
The article continues at http://sev.prnewswire.com/computer-electronics/20080513/NETU09213052008-1.html