by David Stokes | Feb 6, 2024 | Insight for DBAs, MySQL, Security
Are your MySQL users using ‘password’, ‘s3cr3t’, or ‘thebossisajerk’ as their passwords? Easy-to-guess passwords can be disastrous to the security of your data, but there is a way to exclude inappropriate words or phrases from being used. The first step is to compile...
by Ibrar Ahmed | Feb 2, 2024 | Insight for DBAs, PostgreSQL, Security
This blog was originally published in December of 2022 and updated in February of 2024. Encrypting data at rest in a database management system (DBMS) refers to securing data by encrypting it when it is not being used or accessed. This is often done to protect...
by Yunus Shaikh | Jan 5, 2024 | Cloud, MySQL, Security
The AWS KMS component is now available in Percona Server for MySQL starting from version 8.0.30. This addition enables data-at-rest encryption by utilizing the AWS KMS component, providing the functionality to create and manage cryptographic keys across AWS services....
by Sri Sakthivel | Aug 10, 2023 | Insight for DBAs, MySQL, Security
MySQL 8.0.34 brings us a new password validation parameter. Using this, we can control the minimum number of characters in a password that a user must change before validate_password accepts a new password for the user’s account. In this blog, I offer a few...
by Vinicius Grippa | Aug 1, 2023 | Insight for DBAs, MongoDB, Percona Software, Security
This blog was originally published on August 10, 2020, and was updated on August 1, 2023. “I think most of the time hackers behind the attacks do it just for fun, because they can and because it’s very simple”, — says Diachenko. Source: “Meowing” attack...
by Jan Wieremjewicz | Apr 28, 2023 | Cloud, MongoDB, Percona Software, Security
Did you notice that Percona Server for MongoDB 6.0.5-4 was released just a few days ago? This time around, it introduced improvements to the way we handle master key rotation for data at rest encryption as well as AWS IAM integration. One key to rule them all —...
by Joe Brockmeier | Apr 26, 2023 | Database Trends, Insight for DBAs, Insight for Developers, Open Source
Even though open source software is firmly in the mainstream, used widely by businesses, governments, and everyone who owns a cell phone or computer, the question repeatedly arises: “Is open source software safe?” Broadly speaking, the answer is a resounding yes. But...
by Abhinav Gupta | Apr 24, 2023 | MySQL, ProxySQL, Security
In this blog post, we will see how to persist the password inside the ProxySQL mysql_users table in hashed format only. Also, even if someone stored the password in cleartext, we see how to change those into the hashed format easily. Here we are just highlighting one...
by Sergey Pronin | Apr 20, 2023 | Cloud, Percona Software, PostgreSQL, Security
Data-at-rest encryption is essential for compliance with regulations that require the protection of sensitive data. Encryption can help organizations comply with regulations and avoid legal consequences and fines. It is also critical for securing sensitive data and...
by Gaurav Pareek | Mar 21, 2023 | Insight for DBAs, MySQL, Security
In this blog, I’ll discuss the use case for replication. We want to improve our ability to replicate your data and limit replication to row-based events securely, wherein we do not have control over the source(s). The replica doesn’t have checking...
by Sergey Pronin | Jan 17, 2023 | Percona Platform, Percona Software, Security
by Sergey Pronin | Dec 15, 2022 | Cloud, MySQL, Percona Software, Security
Operators hide the complexity of the application and Kubernetes. Instead of dealing with Pods, StatefulSets, tons of YAML manifests, and various configuration files, the user talks to Kubernetes API to provision a ready-to-use application. An Operator automatically...
by Marco Tusa | Nov 23, 2022 | Insight for DBAs, MySQL, Security
What is dual password in MySQL and how it works was already covered by my colleague Brian Sumpter in Using MySQL 8 Dual Passwords. However, let me do a brief recap here about it. Dual password is the MySQL mechanism that allows you to keep two passwords active at the...
by Marco Tusa | Nov 10, 2022 | MySQL, Percona Software, ProxySQL, Security
Every day we use dozens if not hundreds of applications connecting to some kind of data repository. This simple step is normally executed over the network and, given so, it is subject to possible sniffing with all the possible related consequences. Given that, it is...
by Inel Pandzic | Oct 3, 2022 | Cloud, Percona Software, Security
Just to have a simple refresher, let’s start with a bit of Wikipedia: a vulnerability (in computing) is: Vulnerabilities are flaws in a computer system that weaken the overall security of the device/system. Vulnerabilities can be exploited by a threat actor,...
by Sergey Pronin | Sep 23, 2022 | MongoDB, MySQL, Percona Platform, Percona Software, PostgreSQL
September was and is an extremely fruitful month (especially for the black-hat hackers) for news about data leaks and breaches: Uber suffers computer system breach, alerts authorities; GTA 6 source code and videos leaked after Rockstar Games hack; Revolut breach:...
by Alexander Demidoff | Jul 7, 2022 | Monitoring, Percona Software, Security
We highly value security here at Percona, and in this blog post, we will show how to protect your Percona Monitoring and Management (PMM) Server with an SSL certificate and automate its lifecycle by leveraging a proxy server. Introduction As you may know, PMM Server...
by Zsolt Parragi | May 25, 2022 | Insight for DBAs, MySQL, Percona Software, Security
MySQL allows anybody with the SYSTEM_VARIABLES_ADMIN privilege to change the location of the general log and the slow query log to any location while the server is running, including appending to existing files. In Percona Server for MySQL 8.0.28-19 we introduced...
by Brian Sumpter | Mar 23, 2022 | Insight for DBAs, MySQL, Security
As part of my ongoing series around MySQL 8 user administration, I’d like to cover one of the new features introduced in MySQL 8.0.27 – multi-factor authentication. In order to establish identity, multi-factor authentication (MFA) is the use of multiple...
by Brian Sumpter | Mar 22, 2022 | Insight for DBAs, MySQL, Security
In keeping with my MySQL 8 user administration and security theme, I’d like to discuss the password verification-required policy introduced in MySQL 8.0.13. With this feature, it is possible to require that attempts to change an account password be verified by...