Developers at fault? SQL Injection attacks lead to wide-spread compromise of IIS servers
There's been a lot of noise and violent thrashing over the last couple days regarding a flaw that was originally believed to be a flaw in Microsoft's IIS (Internet Information Server), but has since been pointed out as simply a well thought out SQL Injection attack. For those of you who aren't familiar with SQL Injection attacks, it's a pretty well known web application attack vector that exists in high volume on dynamic applications, say for instance, on your banking site.