|There are 50 visitors online|
I got an email from David today to let me know that he has started a new blog (Its good to see that he using GreyMatter Weblog software, software that I am also helping to develop) on a domain called www.davidlitchfield.com that looks to be set up as Davids personal site. David has an first interesting blog entry titled "SQL Injection and Data Security Breaches" that discusses some real SQL Injection attacks and also the reality of what can happen in such easy attacks, i.e. very large quantities of identities revealed or stolen and the breach of credit card details. The thing that stuck out for me was that reseachers found most of these and that in most cases they were very simple bugs. The worrying thing for these guys should be did anyone else find these bugs before who were less inclined to let them know about it?? - this is the worry for SQL Injection or any bug that discloses critical data, its found and fixed but did anyone find it before that and exploit it?
There has been 4 Comments posted on this article
This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.
Home and Archives
Other useful blogs
Syndication - Feeds