Databases

Apache Superset - Database Data Retrieval Through Improper Error Handling

Anastasios Stasinopoulos from OBRELA LABS Team discovered a security flaw that affects Apache Superset (before 3.0.4, from 3.1.0 before 3.1.1), an open-source modern data exploration and visualization platform. Apache Superset error handling can be manipulated in order to allow data retrieval from the backend database.

How to Install PostgreSQL 16 on RHEL 9

PostgreSQL is one of the leading and most widely used open source relational database management systems (RDBMS) that stores structured data in tables, just like MySQL. It is used by developers in their tech stacks and even by large enterprises and corporations to store website and application data. PostgreSQL uses the SQL query language to store and manipulate data and also provides JSON support.

SQL Server Orphaned Users - An Invisible Threat: Detection and Remediation Steps

Orphaned users in SQL Server arise when a database user is associated with a login in the master database that no longer exists and should be removed. This situation can happen when the login is removed or when the database is transferred to a different server lacking the corresponding login. The SQL Server logins existing on a server instance can be seen through the sys.server_principals catalog view and the sys.sql_logins compatibility view.

Practical Steps to Prevent SQL Injection Vulnerabilities

In today's digital landscape, web applications and APIs are constantly under threat from malicious actors looking to exploit vulnerabilities. A common and dangerous attack is a SQL injection. In this blog, we will explore SQL injection vulnerabilities and attacks, understand their severity levels, and provide practical steps to prevent them. By implementing these best practices, you can enhance the security of your web applications and APIs.

How SQL Server Audit is Your Secret Security Weapon

The SQL Server Audit object gathers individual occurrences of server or database-level actions and sets of actions for monitoring purposes. This audit operates at the SQL Server instance level, allowing for multiple audits per instance. Upon defining an audit, you designate the destination for result output. Before beginning a SQL Server audit, pay attention to the limitations and restrictions associated with database audit specifications.

Securing Database Access: DPA Zero Standing Privilege Approach with Native HeidiSQL Utility

In this video, we'll guide you through the process of utilizing CyberArk DPA's capabilities to seamlessly connect to a Postgres database using the HeidiSQL client, leveraging the secure foundation of the JIT access approach for enhanced security and efficiency.

Securing Database Access: DPA Vaulted Account Approach with Native PGadmin Utility

In this video, we'll guide you through the process of utilising CyberArk DPA's capabilities to seamlessly connect to a Postgres database using the PGadmin client, leveraging the secure foundation of Vaulted Accounts for enhanced security and efficiency.

Securing Database Access: DPA Vaulted Account Approach with Native HeidiSQL Utility

In this video, we'll guide you through the process of utilising CyberArk DPA's capabilities to seamlessly connect to a Postgres database using the HeidiSQL client, leveraging the secure foundation of Vaulted Accounts for enhanced security and efficiency.

How to Prevent SQL Injection Attacks?

Are you aware of the increasing threat of SQL injection vulnerabilities? In Q4 2022, AppTrana stopped 1,111,548 of these attacks. With over a million SQL injection attacks blocked in just three months, it’s clear that web applications are under siege. How do you stay ahead of the game and protect your business now? Here is a guide to understanding this OWASP Top 10 vulnerability and how to prevent SQL injection attacks.