Sanesecurity ClamAV blog: zero hour malware, phishing and scams: SQL Injection: example blocked

Tuesday, 20 May 2008

SQL Injection: example blocked

There's still a huge amount of SQL injected sites still out there (list of serving sites)

For example:

Looking at the html for the site, you can see the .js file, added inside the TITLE html code:

If you are using clarkconnect (or other ClamAV based web-filtering) the latest update to the SaneSecurity signatures should help block the current sites:

Signature(s):

Email.Malware.Sanesecurity.08051902.SQLInj (generic)
Email.Malware.Sanesecurity.08052000.SQLInj (generic)
Email.Malware.Sanesecurity.08052001.SQLInj (generic)
Email.Malware.Sanesecurity.08052002.SQLInj (generic)
Email.Malware.Sanesecurity.08052003.SQLInj (generic)
Email.Malware.Sanesecurity.Url.SQLInj_xx

Sanesecurity ClamAV blog: zero hour malware, phishing and scams

Amazon3

Pages

Amazon

Tuesday, 20 May 2008

SQL Injection: example blocked

No comments: