SQL Injection is a programmatic attack on websites

Posted on

OWASP  has a great website discussing SQL injection: The Open web application Security project is an effort to help the programming community in securing their websites And I will copy a couple of lines from their SQL_Injection_prevention_Cheat_sheet becasue it is important: Option #1: Use of Prepared Statements (Parameterized Queries) Option #2: Use of Stored Procedures […]


The challenges of Security in a map

Posted on

This is one of the many mindmaps from Aman Hardikar: You can see that it is not only network firewalls and websites that need to be reviewed.   A security architecture needs to be developed from security principles within procedures and goals laid out within business objectives.  


New Microsoft Word vulnerability

Posted on

Technet link – specific wording: The vulnerability could allow remote code execution if a user opens a specially crafted RTF file using an affected version of Microsoft Word, or previews or opens a specially crafted RTF email message in Microsoft Outlook while using Microsoft Word as the email viewer. An attacker who successfully exploited the […]