A few days ago, I attended an event organized by theÂ Chamber of Commerce in Belgium (ICC Belgium) and the Federation of Enterprises (FEB) to announce with great ceremony the release of the first Belgian Cyber Security Guide. Honestly, this is a great initiative!Â In the audience, many many infosec professionals were
MySQL Attacks Self-Detection
I’m currently attending the Hashdays security conference in LucerneÂ (Switzerland). Yesterday I attended a first round of talks (the management session). Amongst all the interesting presentations, Alexander Kornbrust got my attention with his topic: “Self-Defending Databases“. Alexander explained how databases can be configured to detect suspicious queries and prevent attacks. Great
mysql.com pwn3d… so what?
This is probably the breaking news of this weekend on security blogs and websites: mysql.com and other related sites have been compromised! This was disclosed via an e-mail sent to the full-disclosure mailing list (copy here). If you take the time to read the message, you will learn that the
Auditing MySQL DB Integrity with OSSEC
Databases are a core component in lot of applications and websites. Almost everything is stored in databases. Let’s take a standard e-commerce website, we can find in databases a lot of business critical information: about customersÂ (PII), articles, prices, stocks, payment (PCI), orders, logs, sessions, etc. Like any component of