Hi everyone, Bryan here. Michael wrote a great post here on SDL-required SQL injection defense techniques in the wake of the recent mass SQL injection attacks against ASP sites. Additionally, the Security Vulnerability Research & Defense blog has just posted an analysis of the attack along with guidance recommendations for IT/database admins, web developers, and end users. Finally, if you are looking for classic ASP-specific (not ASP.NET) guidance, Bala Neerumalla has posted a detailed document on preventing SQL injection in ASP on MSDN.
The Threat Landscape in Belarus: Highest Concentration of Malware Hosting Servers
I recently wrote an article examining the concentrations of malware hosting servers located in different … Read more »
Share the responsibility: Microsoft on National Cyber Security Awareness Month
Microsoft supports the efforts of the National Cyber Security Alliance (NCSA) with free resources and research … Read more »
What a Journey It Has Been
I remember the security situation at Microsoft in 2001 and 2002 like it was yesterday. … Read more »