While security vulnerability research can expose technical weaknesses that may be exploited, incident research provides in-depth information about the most common targets, motives and attack vectors of modern hackers.
And where better to turn for a sense of where we stand today than the Web Hacking Incidents Database (WHID). Analysis of WHID reveals that in 2009 social networks were at the greatest risk, malware and defacement remained the most common outcome of web attacks, and SQL injection was the most common attack vector. Here
The link for this article located at Tech World is no longer available.
