Payroll hole exposes dozens of companies
Flaw in PayMaxx Web site exposed the financial information of customers' workers, the
payroll-services firm acknowledges.
Unfortunately, we have more of this to come! The
combination of backend Database Engine and Application
Layer Data Access technology choices plays a major role in
these kinds of security vulnerabilities. Databases used to be
confined to access from dumb terminals and PCs within the
enterprise. Today, these same databases are exposed to the Internet
in a myriad of ways, and a physical firewall and password
protection alone won't cut it, not in an increasingly socially oriented
cyberspace. Social Engineering is a major aspect of hacking!
Hosted applications are currently the rage; there
are many benefits, but there are also some serious security
vulnerabilities that will "dope slap" those organizations that
carelessly head down this route. You have to take a look at the
underlying architecture driving the systems in question.
Anyway, you can track past and future commentary
relating to databases, data access, and security using
. Naturally, I expect content
exposed from the query URI to grow, and to ultimately integrate
content from other sources around the blogosphere.