A notorious group of hackers going by the name Learners Of Curiosity are specializing in defacing websites after series of Denial Of Service attacks, cross-site scripting, path traversal and or SQL injections then posting a “Owned” message on the hacked websites. They then tweet about their conquests like in this example:
The link on their Twitter page links to ZONE-H which is an archive of defaced websites. Once a defaced website is submitted to Zone-H, it is mirrored on the Zone-H servers, it is then moderated by the Zone-H staff to check if the defacement was fake. Sometime the hackers themselves admittedly submit their hacked pages to the site.
Their submissions total to over 130 ‘hactions’. Unmissably on the list was Kenya Methodist University’s portal http://online.kemu.ac.ke/ that was defaced on 2012/01/04.
The other listed sites were mainly from the USA, Brazil and UK. Here is the link http://www.zone-h.org/archive/notifier=Learnersofcuriosity/page=1
You might want to read:
How To prevent MySQL injection http://www.tech-evangelist.com/2007/11/05/preventing-sql-injection-attack/
Guide to PHP security http://dev.mysql.com/tech-resources/articles/guide-to-php-security-ch3.pdf
Prevent Denial of Service attacks http://www.applicure.com/solutions/prevent-denial-of-service-attacks