from SC Magazine US

The SQL injection attack this week on the Sony PlayStation website is a high-profile example of what continues to be a rampant number of legitimate websites falling victims to insecure coding, researchers said on Wednesday.

In the case of the PlayStation site, hackers were able to insert a tiny sliver of malicious JavaScript into some of the pages, Graham Cluley, senior technology consultant at anti-virus firm Sophos, told SCMagazineUS.com.

The result was that visitors to the compromised pages on Tuesday were assaulted with pop-up advertisements hawking anti-virus software that does not work, he said.