SQL Injection
US-CERT has published a new informational paper on SQL Injection. It is available in the Security Publications portion of the website.
US-CERT Quarterly Trends and Analysis Report
This report summarizes and provides analysis of incident reports submitted to US-CERT during the U.S. Government fiscal year 2008, fourth quarter and is available in the Security Publications portion of the website.