SQL Injection Turns BusinessWeek Into Viral Replicator

← Back to Stories (view on slashdot.org)

SQL Injection Turns BusinessWeek Into Viral Replicator

Posted by CmdrTaco on Monday September 15, 2008 @01:33AM from the glad-it's-not-us dept.

martins writes "The website of popular magazine BusinessWeek has been attacked via SQL injection in an attempt to infect its readership with malware. Hundreds of pages in a section of BusinessWeek's website which offers information about where MBA students might find future employers have been affected."

2 of 116 comments (clear)

Min score:

Reason:

Sort:

Re:MBA students, appropriate. by SQLGuru · 2008-09-15 02:01 · Score: 4, Interesting

Many of them while good at what they do

Not every one wants to be a basic programmer for the rest of their life
Pretty much all of the *GOOD* programmers *DO* want to program for the rest of their lives (while I wouldn't say "basic programmer"....most want to be Dev Lead / Architect type of coders, but coders none the less). And being Dev Lead / Architect is not the type of position that goes to the MBA grads.....MBAs are for people who want to go into Management / Project Management.
I've been in the industry since 1994 and am one of the top database developers in my company. And I don't see myself as being a manager any time soon. I enjoy programming too much. [This is in a large corporation where a manager is not a technical manager; small companies where "Dev Lead" equates to manager might be a different situation.]
Layne
Re:Malic or incompetence? by ednopantz · 2008-09-15 04:43 · Score: 5, Interesting

They just don't teach anything about security in schools. We interviewed an intern candidate this spring and asked her how one would avoid a SQL injection attack.
Her response: "Don't use Microsoft products."
Swing and a miss!
The candidate's sample code had a big 'ol SQL injection vulnerability. Yet the instructor raved over his project.