Ars Technica is reporting that there is a mass series of SQL Injection Attacks occurring over the Internet which links to malware sites. The Injection method uses obfuscation to hide the data to try and bypass basic input checking.

The attack tries to inject iFrames into SQL tables, which will be rendered as web pages that use tables to dynamically creates its HTML. The attack has affected mostly smaller site, but according to the report, but it has also affected some of Apples podcast pages, and some government web pages have also been affected.

While SQL Injection attacks are not specific to a SQL database vendor as the attack has to do with coding, everyone running Microsoft SQL Server as a web backend should be aware that Microsoft offers free security support to it’s customers. The free security support is for any security incidents, and/or hacks including SQL Injection Attacks for those running on the Microsoft Platform.

The Ars Technica Article can be accessed here:

http://arstechnica.com/security/news/2010/08/newly-detected-sql-injection-attack-snags-apple-in-wide-net.ars?utm_source=rss&utm_medium=rss&utm_campaign=rss