Re: Nobody could have predicted an SQL Injection attack.
Regards,
-scott Welcome to Rivendell, Mr. Anderson. |
|
Hmmm....
Thanks for the link. I hope it gets more visibility.
I chuckled, though, when I saw this: Users and Adopters Hmmm. [edit:] TheReg has more - http://www.theregist...site_hack_simple/ (via the OWASP News page) Cheers, Scott. |
|
There is a difference...
... between management thinking they are using it, and the developers actually living it.
Regards,
-scott Welcome to Rivendell, Mr. Anderson. |
|
Could be they only used it in some places.
E.g. they might use it for CC transactions but not on the web interface for personal retail banking. As others have commented, they're no doubt much more careful in their CEO's personnel records and the CDS business security than they apparently are in dealing with their lowly customers' info... :-/
Cheers, Scott. |