bankinfosecurity has the information The initial reports were that it was a data breach, but no credit card data was stolen, but 11 days later it looks as many as 25,000 records were exposed and stolen Sally Beauty Supply operates approximately 500 stores worldwide and had $3.6 billion in sales in 2013. As … Read more
OWASP has a great website discussing SQL injection: The Open web application Security project is an effort to help the programming community in securing their websites And I will copy a couple of lines from their SQL_Injection_prevention_Cheat_sheet becasue it is important: Option #1: Use of Prepared Statements (Parameterized Queries) Option #2: Use of Stored Procedures … Read more
This is one of the many mindmaps from Aman Hardikar: You can see that it is not only network firewalls and websites that need to be reviewed. A security architecture needs to be developed from security principles within procedures and goals laid out within business objectives.
XSS is something every website should be aware of – test for it, because the bad hackers do. Netsparker is a good site to explain some of the potential attacks. The effect of XSS is to use the website to extract information, and even bypass the defenses of the server. In some cases if the … Read more
The _only_ way is to test your site… review your potential services and programs running on the website Use the alpha service evaluation sample Or try the Sigma (∑) service evaluation sample either way you will have a better picture of your hacker liability today. Contact Us
