The BusinessWeek magazine's website has suffered an attack on an SQL injection vulnerability in its pages causing it to serve up malware.
The Web site of BusinessWeek magazine suffered a major SQL injection attack in recent days that left it hosting malware on hundreds of its pages, security vendor Sophos PLC has reported.
Once compromised by such a server hole, the attack scripts could, in principle, launch anything desired by the attacker except currently included code for automatic attacks based on JavaScript. That means a visitor could be hit by malware just by landing on one of the pages, without even interacting in any way.
Full StorySecond ReferenceEhtyar.
