Jaa


SQL Storm: Possible ASP.Net

I’ve had an unconfirmed report that the SQL Storm attacks are now also affecting ASP.Net pages, specifically with a  URL of https://www.chliyi.com/m.js (this appears to be offline currently but I wouldn't suggest browsing there...) being injected into those pages.  My team hasn’t worked on any incidents yet so I can’t confirm that it is the same issue; however, it certainly looks very similar.

This is a good time for me to remind everybody that Microsoft does provide no-cost support in the case of a security incident.  If you’ve been affected, you can call 1-866-PCSAFETY in the United States & Canada.  Outside of that area, refer to https://support.microsoft.com/common/international.aspx?rdpath=4 to find the right contact information. 

(Thanks to Erwin Geirnaert for the heads-up.)