EmergencyEMERGENCY? Get 24/7 Help Now!

Webinar Thursday, February 23, 2017: Troubleshooting MySQL Access Privileges Issues

 | February 22, 2017 |  Posted In: MySQL, Security, Technical Webinars

Troubleshooting MySQL Access Privileges

Please join Sveta Smirnova, Percona’s Principal Technical Services Engineer, as she presents Troubleshooting MySQL Access Privileges Issues on February 23, 2017 at 11:00 am PST / 2:00 pm EST (UTC-8). Do you have registered users who can’t connect to the MySQL server? Strangers modifying data to which they shouldn’t have access? MySQL supports a rich […]

Read More

MongoDB Ransomware: Not Likely, But How Do You Know?

 | January 5, 2017 |  Posted In: MongoDB, Security

MongoDB Ransomware

In this blog post, we’ll look at some of the concerns recently seen around MongoDB ransomware and security issues. Security blogs and magazines have recently been aflutter with the news that a hacker is stealing data from MongoDB instantiations and demanding bitcoins to get the data back. This sounds pretty bad at first glance, but […]

Read More

Securing MongoDB Instances

 | December 19, 2016 |  Posted In: MongoDB

In this blog post we’ll look at how to go about securing MongoDB instances. Authentication is one of the most important features of a database, and MongoDB supports it in different ways. Although it allows you to work without any authentication, the best practice is to enable authentication and give users only the permissions they […]

Read More

Is Your Database Affected by CVE-2016-6662?

 | September 12, 2016 |  Posted In: MySQL, Security

CVE-2016-9962

In this blog post, I will discuss the CVE-2016-6662 vulnerability, how to tell if it affects you, and how to prevent the vulnerability from affecting you if you have an older version of MySQL. I’ll also list which MySQL versions include the vulnerability fixes. As we announced in a previous post, there are certain scenarios in […]

Read More

Percona Live Europe featured talk with Ronald Bradford — Securing your MySQL/MariaDB data

 | September 12, 2016 |  Posted In: MySQL, Percona Live

Percona Live Europe featured talk

Welcome to another Percona Live Europe featured talk with Percona Live Europe 2016: Amsterdam speakers! In this series of blogs, we’ll highlight some of the speakers that will be at this year’s conference. We’ll also discuss the technologies and outlooks of the speakers themselves. Make sure to read to the end to get a special Percona Live Europe […]

Read More

Webinar Thursday, September 1 – MongoDB Security: A Practical Approach

 | August 30, 2016 |  Posted In: MongoDB, Security, Technical Webinars

Percona MySQL and MongoDB Webinars

Please join David Murphy as he presents a webinar Thursday, September 1 at 10 am PDT (UTC-7) on MongoDB Security: A Practical Approach. (Date changed*) This webinar will discuss the many features and options available in the MongoDB community to help secure your database environment. First, we will cover how these features work and how to […]

Read More

Take Percona’s One-Click Database Security Downtime Poll

 | August 2, 2016 |  Posted In: MySQL, Security

encrypt

Take Percona’s database security downtime poll. As Peter Zaitsev mentioned recently in his blog post on database support, the data breach costs can hit both your business reputation and your bottom line. Costs vary depending on the company size and market, but recent studies estimate direct costs ranging in average from $1.6M to 7.01M. Everyone agrees […]

Read More

MySQL password expiration features to help you comply with PCI-DSS

 | February 4, 2016 |  Posted In: Security

PCI Compliance (section 8.2.4) requires users to change password every 90 days. Until MySQL 5.6.6 there wasn’t a built-in way to comply with this requirement. Since MySQL version 5.6.6 there’s a password_expired feature which allows to set a user’s password as expired. This has been added to the mysql.user table and its default value it’s […]

Read More

OpenSSH CVE-2016-0777: Details and Mitigation

 | January 14, 2016 |  Posted In: MySQL, Security

OpenSSH

Earlier today advisories were sent out regarding OpenSSH versions 5.4 through 7.1., informing users about a security bug in the software. In essence, the advisory instructed people to add the   UseRoaming no option to their ssh_config file, with a promise for further information to be made available shortly.   Add undocumented "UseRoaming no" to ssh_config or use "-oUseRoaming=no" […]

Read More

MySQL and Trojan.Chikdos.A

 | October 29, 2015 |  Posted In: MySQL

Symantec published a blog post yesterday regarding MySQL and the Trojan.Chikdos.A as can be seen here The Symantec post gives detail into the behavior of the Trojan and it’s effects on the Windows system registry, yet gives little detail as to how the required first stage (namely a malicious UDF) is injected, citing: “In the […]

Read More