Utilization of the same credentials across various sites

For years people have been getting their online accounts compromised due to phishing as well as via brute force attacks due to poorly chosen passwords. We also know that people tend to share the same credentials across multiple sites; however, I haven't seen any concrete research/metrics on how commonplace this is...

Results of the Web Application Security Professionals Survey Available

Jeremiah Grossman has posted the results of his "Web Application Security Professionals Survey (July 2008)". They are also available in ZIP format.

Welcome to the new website!

Welcome to the new and improved CGISecurity.com! After years of using the old design I've decided it was time for a change and thanks to my homeboy Romain we have a new design. In addition to the design you can now post comments, get partial story bodies in RSS feeds, and...