Ddostf DDoS Botnet Malware Targets MySQL Servers

Beware of a new threat in the cyber realm: the ‘Ddostf’ malware botnet is on the prowl, specifically targeting MySQL servers. This malicious botnet enslaves MySQL servers for a sinister purpose – ...
Database Ransomware: From Attack to Recovery

Database Ransomware: From Attack to Recovery

Introduction In recent years, ransomware attacks have risen sharply, due to their profitability, ease of access with ransomware-as-a-service (RaaS) tools, and an increasing attack surface.  Ransomware is a type of attack in ...

Data Security in MySQL is an evolving compliance and threat landscape

MySQL remains one of the most popular relational databases today. It offers a variety of data security features that can help with compliance, but only for those who purchase and use the ...

Data Security in MySQL is an evolving compliance and threat landscape

MySQL remains one of the most popular relational databases today. It offers a variety of data security features that can help with compliance, but only for those who purchase and use the ...
PLEASE_READ_ME Ransomware Campaign Targeting MySQL Servers

PLEASE_READ_ME Ransomware Campaign Targeting MySQL Servers

Digital attackers launched a new ransomware campaign dubbed “PLEASE_READ_ME” in an effort to target MySQL servers. Guardicore first spotted the attack back in January 2020. After that, it witnessed a total of ...
Open Source Sucks, Says Ballsy Infosec Firm

Open Source Sucks, Says Ballsy Infosec Firm

Security bugs are exploding in open source software, claims a vulnerability management service ...
Security Boulevard
SiteLock

SiteLock Extends Database Security Reach to MySQL

SiteLock this week extended the reach of its tool for finding and removing malware from databases to include the open source MySQL database. Previously, the SMART Database only supported websites built using ...
Security Boulevard
A Deep Dive into Database Attacks [Part IV]: Delivery and Execution of Malicious Executables through SQL Commands (MySQL)

A Deep Dive into Database Attacks [Part IV]: Delivery and Execution of Malicious Executables through SQL Commands (MySQL)

In this post we cover different techniques for execution of SQL and OS commands through MySQL database servers that can be used for delivering and executing malicious payloads on a target system ...
Ha Ha! Business

Never Say ‘No’ to Direct Database Access

| | database, mssql, mysql, Oracle, secops, security
Direct access to databases is usually a privilege of DBAs and not end-users. Nonetheless, end-users have to access DBs in certain situations like generating sales reports, making ad-hoc queries, exporting data into spreadsheets and so on. From ...
Nmap NSE Howto: MySQL Auth Bypass

Nmap NSE Howto: MySQL Auth Bypass

A recently disclosed critical vulnerability in MySQL authentication on some platforms gave me just the excuse I needed to write my first Nmap NSE script. @jcran produced a metasploit module to find and ...