EmergencyEMERGENCY? Get 24/7 Help Now!

Percona Server for MongoDB: Dashing New LDAP Authentication Plugin

 | March 16, 2017 |  Posted In: MongoDB, Security, Solutions Engineering

LDAP Authentication

This blog post is another in the series on the Percona Server for MongoDB 3.4 bundle release. In this blog, we’ll look at the new LDAP authentication plugin.  Hear ye, hear ye, hear ye… With the arrival of version 3.4, Percona has included an LDAP plugin in Percona Server for MongoDB. Authentication is an essential […]

Read More

MongoDB Audit Log: Why and How

 | March 3, 2017 |  Posted In: MongoDB, Percona Server for MongoDB, Security

MMAPv1

This blog post is another in the series on the Percona Server for MongoDB 3.4 bundle release. In this blog post, we’ll talk about the MongoDB audit log. Percona’s development team has always invested in the open-source community a priority – especially for MongoDB. As part of this commitment, Percona continues to build MongoDB Enterprise […]

Read More

MySQL Ransomware: Open Source Database Security Part 3

and  | February 27, 2017 |  Posted In: MySQL, Security

MySQL Ransomware

This blog post examines the recent MySQL® ransomware attacks, and what open source database security best practices could have prevented them. Unless you’ve been living under a rock, you know that there has been an uptick in ransomware for MongoDB and Elasticsearch deployments. Recently, we’re seeing the same for MySQL. Let’s look and see if this is MySQL’s […]

Read More

Webinar Thursday, February 23, 2017: Troubleshooting MySQL Access Privileges Issues

 | February 22, 2017 |  Posted In: MySQL, Security, Technical Webinars

Troubleshooting MySQL Access Privileges

Please join Sveta Smirnova, Percona’s Principal Technical Services Engineer, as she presents Troubleshooting MySQL Access Privileges Issues on February 23, 2017 at 11:00 am PST / 2:00 pm EST (UTC-8). Do you have registered users who can’t connect to the MySQL server? Strangers modifying data to which they shouldn’t have access? MySQL supports a rich […]

Read More

Docker Security Vulnerability CVE-2016-9962

 | January 31, 2017 |  Posted In: Docker, Events and Announcements, MongoDB, MySQL, PMM, Security

CVE-2016-9962

Docker 1.12.6 was released to address CVE-2016-9962. CVE-2016-9962 is a serious vulnerability with RunC. Quoting the coreos page (linked above): “RunC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new […]

Read More

CVE-2016-6225: Percona Xtrabackup Encryption IV Not Being Set Properly

and  | January 12, 2017 |  Posted In: MySQL, Security

Percona XtraBackup

If you are using Percona XtraBackup with xbcrypt to create encrypted backups, and are using versions older than 2.3.6 or 2.4.5, we advise that you upgrade Percona XtraBackup. Note: this does not affect encryption of encrypted InnoDB tables. CVE-2016-6225 Percona XtraBackup versions older than 2.3.6 or 2.4.5 suffered an issue of not properly setting the Initialization Vector (IV) for […]

Read More

MongoDB Ransomware: Not Likely, But How Do You Know?

 | January 5, 2017 |  Posted In: MongoDB, Security

MongoDB Ransomware

In this blog post, we’ll look at some of the concerns recently seen around MongoDB ransomware and security issues. Security blogs and magazines have recently been aflutter with the news that a hacker is stealing data from MongoDB instantiations and demanding bitcoins to get the data back. This sounds pretty bad at first glance, but […]

Read More