Summary week 10

Web Application vulnerabilities are still rampant and companies continue to allow attackers to exploit weaknesses in their websites.   XSS is the most prevalent attack method for the Web app type attack followed closely by SQL injection.  The exploitation of XSS occurs when an attacker exploits poor code in the website where via an input field the attackers code is executed instead to search for XSS vulnerability.   SQL injection occurs when you have some sort of input field the attacker can exploit via commands that test for certain vulnerabilities.    There is a long list of vulnerabilities, but ultimately better coding and vulnerability management mitigate the risk.

In the News: http://www.databreachtoday.com/talktalk-breach-fuels-call-for-tougher-uk-laws-a-8618

The continuing problems with the London based Telecom with their 3rd data breach.