I published the following diary on isc.sans.edu: “Sensitive Data Shared with Cloud Services”: Yesterday was the data protection day in Europe. I was not on duty so I’m writing this quick diary a bit late. Back in 2020, the Nitro PDF service suffered from a data breach that impacted many
Tag: database
Database Tables and Rows: Security by Obscurity Is Sometimes Helpful!
“Security by obscurity is bad!”… Most infosec professionals will tell you this. The principle is to implement security by hiding stuff in the installation of tools or solutions. Often, people using security by obscurity believe that their stuff will be properly protected (not found by the attackers). But this technique
MySQL Attacks Self-Detection
I’m currently attending the Hashdays security conference in Lucerne (Switzerland). Yesterday I attended a first round of talks (the management session). Amongst all the interesting presentations, Alexander Kornbrust got my attention with his topic: “Self-Defending Databases”. Alexander explained how databases can be configured to detect suspicious queries and prevent attacks. Great
Auditing MySQL DB Integrity with OSSEC
Databases are a core component in a lot of applications and websites. Almost everything is stored in databases. Take a standard e-commerce website: its databases hold a lot of business-critical information about customers (PII), articles, prices, stocks, payment (PCI), orders, logs, sessions, etc. Like any component of
Applications White List by ISC/NIST
In security, when you have to restrict access to “resources” (websites, files, IP addresses, ports, etc.), you can deploy white or black lists. The term “white list” refers to a list of resources which are allowed or granted. Conversely, a black list refers to resources which are denied
Importing Secunia Advisories into a SIEM/OSSEC
Secunia is a security company which, amongst other activities, maintains a huge database of vulnerabilities. On their website, they describe their business like this: “Secunia collects, evaluates, verifies, and analyses security information. This security information is available through our databases and is distributed to our customers, segmented according to their
Ooops! I Made a Boo Boo!
Do you have a good backup? Read the following story. Having redundant disk systems (RAID), database replicas and high-availability servers is not enough! More than a third of data loss is caused by human mistakes! A good backup procedure is mandatory, with off-site storage of course. Last advice: the procedure must
Error Handling: verbosity--;
Developers need to implement good error handling procedures in their code. There is nothing more annoying than something like “error 0x4e45ff”. On the other hand, reporting too many details to the end user can lead to security threats! Use Google and search for “mysql error” and look at the cached pages.