Team SHATTER (Security Heuristics of Application Testing Technology for Enterprise Research) has pulled together the top 10 database vulnerabilities, recently posted on the Net as a slide show, and has gone one step further by starting a series of blog posts that give further detail, keeping you up to date on trends, risk, and remediation. The series is currently on Vulnerability 8 of 10. The top 10 are:
- Default, Blank & Weak Username/Passwords
- SQL Injections
- Extensive User/Group Privileges
- Unnecessary Enabled Database Features
- Broken Configuration Management
- Buffer Overflows
- Privilege Escalation
- Denial of Service Attacks
- Unpatched Databases
- Unencrypted Sensitive Data – at Rest and in Motion