“SQLi, phishing, bad passwords, and lack of patches are the Four Horseman of the cybersecurity apocalypse”
Thanks to Robert Graham of Errata Security for that one. Sad, but true. I might add (bad) mobile code, but that’s just a subset of lack of patches, really.