
SQL injection attacks jumped 69% in Q2 - iProject
http://www.infosecurity-magazine.com/view/27380/sql-injection-attacks-jumped-69-in-q2/
======
chimi
My website monitors were going off the charts one day and I started
investigating. Tons of SQL Injection attempts were flooding my servers.
Without much difficulty, I tracked the IPs to a company that does security
checking and reporting. I never requested such a test.

Later, that company sent me an email saying my site was insecure because they
sent a SQL injection request and the response included lots of SQL. They
wanted to sell me a comprehensive report and methodology to eliminate similar
threats in the future.

Turns out, the SQL their threat detection system found was in a static html
blog post where I was telling people how to build a particular type of SQL
Statement. I did not purchase the "services" they were selling.

~~~
ca98am79
Not only is it unethical that they scanned your server like that, but you
could probably press charges or sue them for it, if you wanted.

------
TruthElixirX
I wonder, and I am just pulling this out of my ass, if this is anything like
the Skyscraper Index.

<https://en.wikipedia.org/wiki/Skyscraper_Index>

Perhaps we see this many SQL Injections because money is getting thrown around
too liberally (and bad coders are getting more work) and is a precursor to a
bubble.

Does anyone know how this news correlates with past SQL injection numbers, and
if it has increased relative to the amount of internet usage?

