For those interested in seeing whats up in the CMS landscape on attacks. BF logins seem to be the same but, RFI is on the rise.
http://www.imperva.com/docs/HII_Web_App ... rt_Ed5.pdf
Atomic, may want to keep beefing up your WAF for file inclusion detection. The question becomes, will ClamAV be enough to keep catching these?