All you (don't) need is malware on Paul McCartney's official web site.
According to Mary Landesman at ScanSafe, the official web site of Paul McCartney (paulmccartney.com) has been compromised, and is serving live exploits to its visitors. Landesman points out that the compromise might have occurred through stolen FTP accounting data, taking into consideration the fact that the campaign is also present at several different flat HTML only web sites.
The bottom line - would efficient exploitation of stolen FTP account data obtained through data mining an infected set of hosts re-emerge as a tactic of choice, or would massive SQL injection attacks through search engines reconnaissance targeting everyone, everywhere continue being the method of choice? In an increasingly multitasking cybercrime ecosystem, a combination of tactics is usually the method of choice.