Stay informed on database security trends, breaches, and best practices in information security with our comprehensive news and updates.
Search across headline titles and summaries.
Background for this topic.
Database is a structured collection of data, often stored and accessed electronically from a computer system. Within the context of information security, securing a database is critical as it may contain sensitive information, personal data, and valuable intellectual property. Security measures for databases include implementing access controls to ensure only authorized individuals can retrieve or manipulate the data, encrypting data both at rest and in transit to prevent unauthorized interception, and regularly patching and updating database management software to protect against vulnerabilities. Additionally, security professionals monitor databases for unusual activities that could indicate a breach, such as unexpected access patterns or changes to the data, ensuring integrity and confidentiality of the data housed within.
Weekly headline count for the current query.
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private keys, Amazon Web Services (AWS) secrets, shell command history, Stripe API keys, and GitHub tokens at scale
Fortinet has released fixes for a critical security flaw impacting FortiWeb that could enable an unauthenticated attacker to run arbitrary database commands on susceptible instances
So far, the threat actor has compromised at least five organizations using CVE-2024-39717; CISA has added bug to its Known Exploited Vulnerability database.