[biblio01_001] (Microsoft 2002) Trustworthy Computing site, http://www.microsoft.com/mscorp/twc/default.mspx.

[biblio01_002] (APWG 2006) Anti-Phishing Working Group, http://www.antiphishing.org/.

[biblio01_003] (Clark and Davis 1995) Clark,J.R., and W.L.Davis. “A Human Capital Perspective on Criminal Careers,” Journal of Applied Business Research, volume 11, no 3. 1995, pp. 58–64.

[biblio01_004] (FBI 2005) “FBI Announces Two Arrests in Mytob and Zotob Computer Worm Investigation,” http://www.fbi.gov/pressrel/pressrel05/zotob_release082605.htm. August 2005.

[biblio01_005] (CNN 2003) “Teenager arrested in ‘Blaster’ Internet attack,” http://www.cnn.com/2003/TECH/internet/08/29/worm.arrest/. August 2003.

[biblio01_006] (eWeek 2004) “App Developers Need to Redouble Security Efforts,” http://www.eweek.com/article2/0,1759,1663716,00.asp. September 2004.

[biblio01_007] (ZDNet 2006a) Ou,George. “Oracle from unbreakable to unpatchable,” http://blogs.zdnet.com/Ou/?p=151&tag=nl.e622. January 2006.

[biblio01_008] (InformationWeek 2005) Keizer,Gregg. “Bug Bites McAfee Antivirus,” http://www.informationweek.com/showArticle.jhtml?articleID=175007526. December 2005.

[biblio01_009] (ZDNet 2006b) Evers,Joris. “Backup software flaws pose risk,” http://news.zdnet.com/2100-1009_22-6028515.html. January 2006.

[biblio01_010] (Computerworld 2006) Vijayan,Jimkumar. “Targeted attacks expected to rise in ’06, IBM study says,” http://www.computerworld.com/securitytopics/security/story/0,10801,107992,00.html. January 2006.

[biblio01_011] (OSVBD 2006a) Open Source Vulnerability Database. Oracle, http://www.osvdb.org/searchdb.php?action=search_title&vuln_title=oracle.

[biblio01_012] (OSVDB 2006b) Open Source Vulnerability Database. CRM software, http://www.osvdb.org/searchdb.php?action=search_title&vuln_title=crm.

[biblio01_013] (OSVDB 2006c) Open Source Vulnerability Database. LotusDomino, http://www.osvdb.org/searchdb.php?action=search_title&vuln_title=lotus+domino.

[biblio01_014] (OSVDB 2006d) Open Source Vulnerability Database. Firewalls, http://www.osvdb.org/searchdb.php?action=search_title&vuln_title=firewall.

[biblio01_015] (Flake 2004) Flake,Halvar. “Structural Comparison of Executable Objects,” http://www.sabre-security.com/files/dimva_paper2.pdf.

[biblio01_016] (Moore 2006) Moore,H.D. Metasploit Project, http://www.metasploit.com.

[biblio01_017] (eWeek 2005) Fisher,Dennis, and BrianFonseca. “Data Thefts Reveal Storage Flaws,” http://www.eweek.com/article2/0,1759,1772598,00.asp. March 2005.

[biblio01_018] (CNN 2002) Evers,Joris. “Ellison: Oracle remains unbreakable,” http://archives.cnn.com/2002/TECH/industry/01/21/oracle.unbreakable.idg/index.html. January 2002.

[biblio01_019] (Security Innovation 2006) Security Innovation, Inc. “Regulatory Compliance Demystified: An Introduction to Compliance for Developers,” http://msdn.microsoft.com/security/default.aspx?pull=/library/en-us/dnsecure/html/regcompliance_demystified.asp. MSDN, March 2006.

[biblio01_020] (Howard, LeBlanc, and Viega 2005) Howard,Michael, DavidLeBlanc, and JohnViega. 19 Deadly Sins of Software Development. New York, NY: McGraw-Hill, 2005. Chapter 4, “SQL Injection.”

[biblio01_021] (Johansson 2005) Johansson,Jesper. “Anatomy of a Hack,” http://www.microsoft.com/australia/events/teched2005/mediacast.aspx. Microsoft Tech.Ed, 2005).

[biblio01_022] (Red Database 2006) Red Database Security. “Published Oracle Security Alerts,” http://www.red-database-security.com/advisory/published_alerts.html.

[biblio01_023] (ZDNet 2006c) Espiner,Tom. “Google admits Desktop security risk,” http://news.zdnet.co.uk/0,39020330,39253447,00.htm. February 2006.

[biblio01_024] (Time 2006) “Can We Trust Google with Our Secrets?” Time, February 20, 2006.

[biblio01_025] (NIAP 2005) National Information Assurance Partnership, National Security Agency. “Protection Profiles,” http://niap.nist.gov/pp/index.html.

[biblio01_026] (Microsoft 2003) Microsoft Help and Support. “How To Prevent Auditable Activities When Security Log Is Full,” http://support.microsoft.com/kb/140058/. Last Review: May 2003.

[biblio01_027] (OpenBSD 2004) OpenBSD 3.6 release errata & patch list. “002: Reliability Fix,” http://www.openbsd.org/errata36.html. November 2004.

[biblio01_028] (CVE 2006) Common Vulnerabilities and Exposures. http://cve.mitre.org.

[biblio01_029] (CVE 2005) Christey,StevenM. “Re: Vulnerability Statistics,” http://seclists.org/lists/webappsec/2005/Jan-Mar/0056.html. January 2005.

[biblio01_030] (Gartner 2001) Pescatore,John. “Nimda Worm Shows You Can’t Always Patch Fast Enough,” http://www.gartner.com/DisplayDocument?doc_cd=101034. September 2001.

[biblio01_031] (CRN 2006) Rooney,Paula. “Is Windows Safer?” http://www.crn.com/sections/coverstory/coverstory.jhtml;jsessionid=VV1Q351RM5A1YQSNDBOCKH0CJUMEKJVN?articleId=179103240. February 2006.

[biblio01_032] (Secunia 2006a) “Vulnerability Report: Apache 2.0.x,” http://secunia.com/product/73/.

[biblio01_033] (Secunia 2006b) “Vulnerability Report: Microsoft IIS 6.0,” http://secunia.com/product/1438/.

[biblio01_034] (Zone-H 2006) Zone-H, the Internet Thermometer. http://www.zone-h.org.

[biblio01_035] (CNET 2006) Evers,Joris. “Allchin: Buy Vista for the security,” http://news.com.com/Allchin+Buy+Vista+for+the+security/2100-1012_3-6032344.html?tag=st.prev. January 2006.