The mass SQL injection attack that has been ongoing for a week or so now is designed mainly to steal credentials for online games and is quite well planned and organized, experts say. The vulnerability being used in the attack is a flaw in Adobe Flash, which was publicized earlier this month and patched late last week by Adobe. The attack includes some code specifically designed to evade Web application firewalls, and it is being thrown against sites running several versions of Microsoft s IIS Web server software.
Source: https://threatpost.com/sql-injection-attacks-aimed-stealing-gaming-credentials-experts-say-061410/74103/

