Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Databases

Trustwave

Honeypot Recon: New Variant of SkidMap Targeting Redis

Aug 2, 2023 By Radoslaw Zdonczyk In Trustwave

Since Redis is becoming increasingly popular around the world, we decided to investigate attacks on the Redis instance. We didn’t have to wait long for the first results of the Honeypot. The trap caught an activity about which the Western world does not hear too often while analyzing SkidMap. More importantly, this variant turned out to be a new, improved, dangerous variation of the malware. Its level of sophistication surprised us quite a bit.

Read Post

Unlocking AI Potential: Streamlining Database Access with Teleport

Jul 19, 2023 By Teleport In Teleport
- Captivated by the capabilities of OpenAI’s ChatGPT, today, many of our data research friends are experimenting with tools and datasets to learn how Artificial Intelligence (AI) and Generative Pretrained Transformers (GPT) can be used to solve unique and challenging business problems. While many sample corpora datasets exist, experimenting on your production datasets is often needed but difficult due to access restrictions, challenging network configurations, or complicated approval processes.
View Video
Trustwave

Honeypot Recon: MSSQL Server - Database Threat Overview '22/'23

Jun 20, 2023 By Radoslaw Zdonczyk, Mariusz Siedlecki In Trustwave

In a constantly connected world, protecting sensitive data in what are often complex database structures requires staying up to date with cyber criminals’ malicious attack techniques, and infection methods. This research is an extension of another project which involves monitoring attacks carried out on database servers worldwide. Understanding how these bots work can keep your digital world safe and secure.

Read Post
Trustwave

Honeypot Recon: Global Database Threat Landscape

Jun 13, 2023 By Radoslaw Zdonczyk In Trustwave

In today's digital era, the importance of securing databases cannot be overstated. As more and more global businesses and organizations rely on DBMS systems to store tons of sensitive information, the risk of targeted attacks and data breaches continues to increase. Therefore, the importance of monitoring and uncovering new actors along with their - often unique - attack techniques and methods is crucial.

Read Post
CalCom

Hackers Backdoor to Microsoft SQL Servers using Trigona ransomware

Apr 24, 2023 By John Gates In CalCom
South Korean cyber security organisation AhnLab has identified a breach in Microsoft SQL servers allowing deployment of Trigona ransomware. The attacks were threat actors using brute-force or dictionary attacks with obtained or guessed credentials to infiltrate externally accessible MS-SQL servers.
Read Post
code intelligence

New Vulnerability in MySQL JDBC Driver: RCE and Unauthorized DB Access

Apr 20, 2023 By Roman Wagner In Code Intelligence
We have found a new vulnerability in MySQL Connector/J (CVE-2023-21971). Oracle issued a critical path update that fixed the issue on April 18, 2023. The vulnerability was found as part of our collaboration with Google’s OSS-Fuzz.
Read Post
Trustwave

Dissecting Buffer Overflow Attacks in MongoDB

Apr 19, 2023 By Trustwave In Trustwave

Towards the end of 2020, a new vulnerability in MongoDB was found and published. The vulnerability affected almost all versions of MongoDB, up to v4.5.0, but was discussed and patched appropriately. The vulnerability, CVE-2020-7928, abuses a well-known component of MongoDB, known as the Handler, to carry out buffer overflow attacks by way of null-byte injections.

Read Post
splunk

The SQL Injection Guide: Attacks, Types, Signs & Defense Against SQLi

Mar 23, 2023 By Muhammad Raza In Splunk
Most dynamic web applications and sites — ones that store and process user information — use some sort of database implementation. One of the most common implementations involves SQL. Structured Query Language is a standard language for relational database management systems (RDBMS). It lets you query database records, change and modify them, set permissions, create custom views and storage procedures.
Read Post
CloudCasa

Schedule and Automate Postgres Backups on Kubernetes

Mar 23, 2023 By Vedant Khairnar In CloudCasa

Postgres, also known as PostgreSQL, is a powerful open-source relational database that has been around for over 30 years. It has a strong reputation for reliability, scalability, and performance, which is why it is used by a wide range of organizations, from small businesses to large enterprises, across various industries. Whether you need to store and retrieve large amounts of data, run complex queries, or support business-critical applications, Postgres can handle it all.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.