Project Zero for Better Security
Project Zero from Google aims to study zero day vulnerabilities. Steve hopes it leads to better security.
2022-05-04
95 reads
Project Zero from Google aims to study zero day vulnerabilities. Steve hopes it leads to better security.
2022-05-04
95 reads
2022-04-22
456 reads
Having a known and documented incident response plan is important these days, as more and more companies are having security incidents.
2022-04-06
126 reads
2022-03-26
102 reads
How comfortable are you with your password security? Today Steve asks given some data on the various times it takes to crack passwords.
2022-03-25
82 reads
While analyzing SQL Server's network protocol, I came across a weird fact: when a database client logs in using SQL Server authentication (as opposed to Windows authentication), it has to send the user's password to the server, in blatant violation of common security guidelines. At first, I couldn't believe it; SQL Server generally does an […]
2022-03-02
5,356 reads
A reminder today that security in the physical world can affect the digital world.
2022-02-23
195 reads
There are a few security issues in the Teams application from Microsoft, and Steve notes that some of the push for new features can be a problem in this area.
2022-01-10
279 reads
Overview As we all know, data security is a never-ending battle. Every day, we hear of new data breaches. It's a hard problem, and there is no single solution, other than a defense in depth. Let's look at one of those defenses for databases: query control. Query control is a simple idea: most applications access […]
2022-01-07
3,957 reads
Problem Some time ago Argenis Fernandez(@DBArgenis) found and described a vulnerability that allows you to get into SQL Server with 'sa' rights. This method does not require a restart of the SQL Server service or the whole machine, the condition is a local administrator account on the server. Reminder SQL Server until 2008R2: Until SQL 2008R2, […]
2022-01-03
8,307 reads
I spend my days working on and managing SQL Server instances—working days at least,...
Want to learn SQL and get some real practice this December? Check out the...
By Steve Jones
A new feature added to Redgate Monitor Enterprise automatically. CIS compliance is something many...
Comments posted to this topic are about the item Merry Christmas 2025
Comments posted to this topic are about the item The Reindeer Count
I have listed the event names present in my system_health extended event report. Based...
How many reindeer does Santa have pulling his sleigh? (according to the famous song) Hint, the answers are not base 10.
See possible answers