Docker Security Vulnerability CVE-2016-9962

January 31, 2017 | Posted In: Docker, Events and Announcements, MongoDB, MySQL, PMM, Security

Docker 1.12.6 was released to address CVE-2016-9962. CVE-2016-9962 is a serious vulnerability in RunC. Quoting the CoreOS page (linked above): “RunC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file-descriptors of these new […]

CVE-2016-6225: Percona Xtrabackup Encryption IV Not Being Set Properly

January 12, 2017 | Posted In: MySQL, Security

If you are using Percona XtraBackup with xbcrypt to create encrypted backups, and are using versions older than 2.3.6 or 2.4.5, we advise that you upgrade Percona XtraBackup. Note: this does not affect encryption of encrypted InnoDB tables. CVE-2016-6225: Percona XtraBackup versions older than 2.3.6 or 2.4.5 suffered an issue of not properly setting the Initialization Vector (IV) for […]

MongoDB Ransomware: Not Likely, But How Do You Know?

January 5, 2017 | Posted In: MongoDB, Security

In this blog post, we’ll look at some of the concerns recently seen around MongoDB ransomware and security issues. Security blogs and magazines have recently been aflutter with the news that a hacker is stealing data from MongoDB instantiations and demanding bitcoins to get the data back. This sounds pretty bad at first glance, but […]

Percona XtraDB Cluster 5.6.30-25.16.2 is now available (CVE-2016-6662 fix)

September 15, 2016 | Posted In: Events and Announcements, MySQL, Percona Software, Percona XtraDB Cluster, Security

Percona announces the new release of Percona XtraDB Cluster 5.6 on September 15, 2016. Binaries are available from the downloads area or our software repositories. Percona XtraDB Cluster 5.6.30-25.16.2 is now the current release, based on the following: Percona Server 5.6.30-76.3, Galera Replication library 3.16, and Codership wsrep API version 25. This release provides a fix for CVE-2016-6662. […]

Is Your Database Affected by CVE-2016-6662?

September 12, 2016 | Posted In: MySQL, Security

In this blog post, I will discuss the CVE-2016-6662 vulnerability, how to tell if it affects you, and how to prevent the vulnerability from affecting you if you have an older version of MySQL. I’ll also list which MySQL versions include the vulnerability fixes. As we announced in a previous post, there are certain scenarios in […]

Get MySQL Passwords in Plain Text from .mylogin.cnf

September 7, 2016 | Posted In: MySQL, Security

This post will tell you how to get MySQL passwords in plain text using the .mylogin.cnf file. Since MySQL 5.6.6, it became possible to store MySQL credentials in an encrypted login path file named .mylogin.cnf, using the mysql_config_editor tool. This is better than in plain text anyway. What if I need to read this password in […]

Webinar Thursday, September 1 – MongoDB Security: A Practical Approach

August 30, 2016 | Posted In: MongoDB, Security, Technical Webinars

Please join David Murphy as he presents a webinar Thursday, September 1 at 10 am PDT (UTC-7) on MongoDB Security: A Practical Approach. (Date changed*) This webinar will discuss the many features and options available in the MongoDB community to help secure your database environment. First, we will cover how these features work and how to […]

Take Percona’s One-Click Database Security Downtime Poll

August 2, 2016 | Posted In: MySQL, Security

Take Percona’s database security downtime poll. As Peter Zaitsev mentioned recently in his blog post on database support, data breach costs can hit both your business reputation and your bottom line. Costs vary depending on the company size and market, but recent studies estimate direct costs ranging on average from $1.6M to 7.01M. Everyone agrees […]

MongoDB Security: Why pay for Enterprise when Open Source has you covered?

June 17, 2016 | Posted In: MongoDB, Security

Does ensuring MongoDB security justify the cost of the Enterprise version? In my opinion, the answer is no. MongoDB Inc© blasted an email with a study showing that the average cost of a data breach can be $5.9M. You can find the key finding in IBM’s 2015 report here: NH Learning Solutions Key findings: Data breaches cost the most in the […]

Percona’s widely read Percona Database Performance blog highlights our expertise in enterprise-class software, support, consulting and managed services solutions for both MySQL® and MongoDB® across traditional and cloud-based platforms. The decades of experience represented by our consultants is found daily in numerous and relevant blog posts.

Besides specific database help, the blog also provides notices on upcoming events and webinars.