EmergencyEMERGENCY? Get 24/7 Help Now!

Tag Archives: David Busby

Tips for avoiding malware from a lesson learned

In a recent article on the Percona blog, I recommended readers to a tool called CamStudio for making technical screen recordings. The blog post was very popular and got 300+ Facebook likes in a short …

Read More
 
Percona security update: oCERT and SSL improvements

We have recently become a member of oCERT to aid in allowing responsible disclosure for Percona products and services as can be seen on their members page. We are presently working on the verbiage for …

Read More
 
Percona Security Advisory CVE-2015-1027

Contents Summary Analysis Mitigating factors P.O.C Acknowledgments Summary During a code audit performed internally at Percona, we discovered a viable information disclosure attack when coupled with a MITM attack in which percona-toolkit and xtrabackup perl …

Read More
 
What stopped MySQL? Tracing back signals sent to MySQL

Have you ever had a case where you needed to find a process which sent a HUP/KILL/TERM or other signal to your database? Let me rephrase. Did you ever have to find which process messed …

Read More
 
How to test if CVE-2015-0204 FREAK SSL security flaw affects you

The CVE-2015-0204 FREAK SSL vulnerability abuses intentionally weak “EXPORT” ciphers which could be used to perform a transparent Man In The Middle attack. (We seem to be continually bombarded with not only SSL vulnerabilities but the …

Read More
 
GHOST vulnerability (CVE-2015-0235) Percona response

Cloud security company Qualys announced Tuesday the issues prevalent in glibc since version 2.2 introduced in 2000-11-10 (the complete Qualys announcement may be viewed here). The vulnerability, CVE-2015-0235, has been dubbed “GHOST.” As the announcement …

Read More
 
File carving methods for the MySQL DBA

This is a long overdue blog post from London’s 44con Cyber Security conference back in September. A lot of old memories were brought to the front as it were; the one I’m going to cover in …

Read More
 
How to close POODLE SSLv3 security flaw (CVE-2014-3566)

Padding Oracle On Downgraded Legacy Encryption First off, the naming “convention” as of late for security issues has been terrible. The newest vulnerability (CVE­-2014-3566) is nicknamed POODLE, which at least is an acronym and as per …

Read More
 
‘Bash Bug’ giving you Shellshock? CVE-2014-6271 update

The media train is in full steam today over the the CVE-2014-6271 programming flaw, better known as the “Bash Bug” or “Shellshock” – the original problem was disclosed on Wednesday via this post. Firstly this …

Read More
 
Systemtap solves phantom MySQLd SIGTERM / SIGKILL issue

The Percona Managed Services team recently faced a somewhat peculiar client issue. We’d receive pages about their MySQL service being unreachable. However, studying the logs showed nothing out of the ordinary…. for the most part it …

Read More
 

Percona’s widely read Percona Data Performance blog highlights our expertise in enterprise-class software, support, consulting and managed services solutions for both MySQL® and MongoDB® across traditional and cloud-based platforms. The decades of experience represented by our consultants is found daily in numerous and relevant blog posts.

Besides specific database help, the blog also provides notices on upcoming events and webinars.

Want to get weekly updates listing the latest blog posts? Subscribe to our blog now! Submit your email address below.

No, thank you. Please do not ask me again.