Slashdot Mirror

← Back to Stories (view on slashdot.org)

SQL Injection Turns BusinessWeek Into Viral Replicator

Posted by CmdrTaco on Monday September 15, 2008 @01:33AM from the glad-it's-not-us dept.

martins writes "The website of popular magazine BusinessWeek has been attacked via SQL injection in an attempt to infect its readership with malware. Hundreds of pages in a section of BusinessWeek's website which offers information about where MBA students might find future employers have been affected."

1 of 116 comments (clear)

Min score:

Reason:

Sort:

ATTENTION WEB DEVELOPERS by Anonymous Coward · 2008-09-15 01:40 · Score: 5, Insightful

HAI!
Just a friendly reminder - your Database Admin will be more than happy to set up multiple users for you with different permissions. For instance, a user with "write" privileges that can be used by the website backend page that the editors use, and a user with "read only" permissions that the public facing web server(s) will use when presenting the page to the public.
That is all.