Tech war: Chinese database software vendor shrugs off sanctions risk on using open-source code from Oracle’s MySQL system (South China Morning Post)

South China Morning Post: Tech war: Chinese database software vendor shrugs off sanctions risk on using open-source code from Oracle’s MySQL system. “A Chinese software vendor has brushed aside speculation that its enterprise product, which uses code from Oracle Corp’s MySQL open-source relational database management system, faces the risk of sanctions amid simmering tensions between Washington and Beijing.”

SecurityWeek: Scanning Finds Over 3.6 Million Internet-Accessible MySQL Servers

SecurityWeek: Scanning Finds Over 3.6 Million Internet-Accessible MySQL Servers. “The Shadowserver Foundation warns of the security risk associated with more than 3.6 million internet-exposed MySQL servers that accept connections on port 3306/TCP. While scanning the internet for accessible MySQL servers, the organization’s researchers identified a total population of roughly 5.4 million IPv4 and IPv6 instances on port 3306/TCP, but say that only two-thirds of these appear to accept a connection.”

Even Facebook struggles: Zuck’s titanic database upgrade hits numerous legacy software bergs (The Register)

The Register: Even Facebook struggles: Zuck’s titanic database upgrade hits numerous legacy software bergs. “Facebook has had all sorts of no fun trying to migrate from MySQL 5.6 to version 8.0. A post from the social network’s engineering team reveals that Facebook’s last MySQL upgrade – to version 5.6 – took ‘more than a year’. Moving to version 8.0 has taken ‘a few years so far’.”

ZDNet: Google makes Database Migration Service generally available

ZDNet: Google makes Database Migration Service generally available. “Google Cloud on Wednesday announced the general availability of its Database Migration Service (DMS), a serverless tool to migrate MySQL and PostgreSQL databases to Cloud SQL. Later in the year, Google will introduce support for Microsoft SQL Server. DMS supports migrations from both on-premises and other clouds. It offers a unique migration method that uses MySQL and PostgreSQL’s native replication capabilities and maximizes security, fidelity and reliability.”

The Register: ‘Malwareless’ ransomware campaign operators pwned 83k victims’ MySQL servers, 250k databases up for sale

The Register: ‘Malwareless’ ransomware campaign operators pwned 83k victims’ MySQL servers, 250k databases up for sale. “A ‘malwareless’ ransomware campaign delivered from UK IP addresses targeting weak security controls around internet-facing SQL servers successfully pwned 83,000 victims, according to Israeli infosec biz Guardicore.”

ITPro Today: Critical CSRF Security Vulnerability in phpMyAdmin Database Tool Patched

ITPro Today: Critical CSRF Security Vulnerability in phpMyAdmin Database Tool Patched. “phpMyAdmin has been dealing with a critical CSRF security vulnerability. The timing on this is lousy, coming on a day when every admin and DevOps on the planet is scrambling to patch every Intel machine against Meltdown, while trying to figure out what it will mean to have every server in the data center taking a 5-30 percent performance hit. The problem with security issues is that they’re rarely polite enough to surface when it’s convenient.”

The Register: All ready for that Easter holiday? Here’s a mild MySQL security bug

The Register: All ready for that Easter holiday? Here’s a mild MySQL security bug. “A programming blunder has been uncovered in Oracle’s MySQL that can potentially leak usernames and passwords to man-in-the-middle eavesdroppers. Known as ‘The Riddle,’ the flaw potentially allows a miscreant to intercept and obtain login credentials sent from MySQL clients 5.5 and 5.6 to servers. Apparently, a fix introduced in versions 5.5.49 and 5.6.30 isn’t enough to fully address the design flaw. Versions 5.7 and later, as well as MariaDB systems, are not vulnerable.”

Bleeping Computer: Database Ransom Attacks Have Now Hit MySQL Servers

Bleeping Computer: Database Ransom Attacks Have Now Hit MySQL Servers. “After the ransacking of MongoDB, ElasticSearch, Hadoop, CouchDB, and Cassandra servers, attackers are now hijacking hundreds of MySQL databases, deleting their content, and leaving a ransom note behind asking for a 0.2 Bitcoin ($235) payment. According to breach detection firm GuardiCore, the attacks are happening via brute-force attacks on Internet-exposed MySQL servers, and there’s plenty of those laying around since MySQL is one of today’s most popular database systems.”