Something exciting happened a few days ago. It started with a tweet and a blog post, and has evolved into an official CVE-2022-21500. I thought it would be good to publish some details beyond the official MOS note document. …
Episode 55 Shownotes Welcome to another episode of the Datascape Podcast. In today’s show, Simon Pane talks about what database security will look like in 2022. Together the hosts discuss various topics, including the current state of enterprise database security,…
In late 2019, some corporate leaders were ambivalent or against the concept of remote work. By the spring of 2020, those same leaders had little choice but to accept the current reality and to trust the process. Today, organizations generally accept…
For many of us, the recent log4j vulnerability (CVE-2021-44228) became a severe headache this past weekend. I thought we’d publish a summary of some of our findings gathered so far. We’ll keep it updated with news and details published by…
This is the fifth in a series of blog posts that covers setting up the load balancer for a highly available setup of Oracle Enterprise Manager 13.5 using Oracle Cloud Infrastructure’s resources. Recap This is the fifth of a…
Justification Snowflake offers role-based access control (RBAC) as the mechanism to handle authorization of security principals (users, services, etc.) and grant or deny them access to different database objects and operations. A key piece of a successful Snowflake implementation is…
If your application uses Java 1.7 and connects to Oracle Database securely over TCPS (Transmission Control Protocol with SSL), and you keep your security patching up to date, the latest Oracle April 2021 security updates may raise some challenges for…
On September 1, 2020, Apache disclosed a security vulnerability for Apache Cassandra. Summary: It’s possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and…
There were some security patches released this month for Postgres, to put further restrictions on pathways that malicious users could use to leverage the search_path to insert malicious code. What is the search path? What is search_path? Postgres has a…
Jared Still shows you how to set up the open source RADIUS server FreeRadius so it may be used to authenticate database connections.