Planet MySQL

Displaying posts with tag: Cyber Security (reset)

Aug

2018

Comparing Data At-Rest Encryption Features for MariaDB, MySQL and Percona Server for MySQL

Posted by MySQL Performance Blog on Thu 23 Aug 2018 17:00 UTC
Tags:

Security, database security, mariadb, mysql security, encryption, Data security, MySQL, Percona Server for MySQL, Cyber Security, MySQL Data at Rest Encryption, MySQL 8.0, Encryption at rest, MySQL Encryption at Rest

Protecting the data stored in your database may have been at the top of your priorities recently, especially with the changes that were introduced earlier this year with GDPR.

There are a number of ways to protect this data, which until not so long ago would have meant either using an encrypted filesystem (e.g. LUKS), or encrypting the data before it is stored in the database (e.g. AES_ENCRYPT or other abstraction within the application). A few years ago, the options started to change, as Alexander Rubin discussed in …

[Read more]

Jul

2018

Another Day, Another Data Leak

Posted by MySQL Performance Blog on Fri 06 Jul 2018 15:58 UTC
Tags:

Security, database security, attack, mongodb, Data security, MySQL, business continuity, Percona Server for MySQL, Cyber Security, percona server for MongoDB, data leak, enterprise security

In the last few days, there has been information released about yet another alleged data leak, placing in jeopardy “…[the] personal information on hundreds of millions of American adults, as well as millions of businesses.” In this case, the “victim” was Exactis, for whom data collection and data security are core business functions.

Some takeaways from Exactis

Please excuse the pun! In security, we have few chances to chuckle. In fact, as a Security Architect, I sigh deeply when I read about this kind of issue. Firstly, it’s preventable. Secondly, I worry that if an organization like Exactis is not getting it right, what chance the rest of the world?

As the Wired article notes the tool https://shodan.io/ can be revealing and well worth a look. For example, you …

[Read more]

Dec

2014

File carving methods for the MySQL DBA

Posted by MySQL Performance Blog on Tue 23 Dec 2014 16:31 UTC
Tags:

Security, DBA, primary, Insight for DBAs, MySQL, David Busby, 44con, Cyber Security, File carving

This is a long overdue blog post from London’s 44con Cyber Security conference back in September. A lot of old memories were brought to the front as it were; the one I’m going to cover in this blog post is: file carving.

So what is file carving? despite the terminology it’s not going to be a full roast dinner; unless you have an appetite for data which as you’re here I’m assuming you have.

The TL;DR of “what is file carving” is taking a target blob of data (often a multi GB / TB file) and reducing it in to targeted pieces of data, this could be for instance grabbing all the jpeg images in a packet capture / mysqldump; or pulling that single table/schema out of a huge mysqldump with –all-databases (if you’re not using mydumper you really …

[Read more]

Top Authors

Oracle MySQL Blogs

Vendor Blogs

MySQL Links