Archive for July, 2007

Structured Query Language – SQL Injection

A major attack vector web programmers sometimes forget about is uncleansed user input. If user inputs are not cleansed before the data is submitted to the SQL server, attackers can submit malicious code to the server. This code can make the server return more data than it should or allow the attacker to delete entire databases. [...]

Security Hole

The other week I found a major security hole in one of the systems at work. I notified my manager, who then notified the correct people. I am waiting to see if this issue gets resolved. So far I have not seen any progress towards closing the hole. Lack of motivation to patch security holes seems [...]

How to Create a Security Team for $4.95, Plus Tax – Security Catalyst

Fun Article from the Security Catalyst. Full Article Here. In addition to getting to break things in order to help our customers prevent assorted miscreants from doing so, one of the many hats I wear at QuietMove is the amorphous responsibility of ‘business development.’ In English, that means I identify organizations that could benefit from [...]
