[syndicated profile] register_security_feed

Posted by Joe Kaden, senior technical account manager, Prelude Security

Timing is everything in the war against ransomware thieves, says Prelude Security

Partner content  When a new security advisory drops or an alarming new ransomware campaign makes the news, the question from leadership inevitably follows: "Are we covered?"…

[syndicated profile] register_security_feed

Posted by Richard Speed

On your marks, get set... bork!

updated  Microsoft set a new record with June's security update for the time between release and an admission of borkage.…

[syndicated profile] register_security_feed

Posted by Jessica Lyons

The botnet’s still alive and evolving

Badbox 2.0, the botnet that infected millions of smart TV boxes and connected devices before private security researchers and law enforcement partially disrupted its infrastructure, is readying for a third round of fraud and digital attacks, according to one of the threat hunters who uncovered the original scheme.…

[syndicated profile] elementy_news_feed

Результаты раскопок в Южной галерее Денисовой пещеры позволили заполнить пробелы в хронологии ее освоения древними Homo. Согласно новым данным, денисовцы впервые появились в пещере около 300 тыс. лет назад, а неандертальцы — 200 тыс. лет назад. После этого в течение 150 тысяч лет оба вида периодически посещали пещеру. Около 50 тысяч лет назад появляется ДНК сапиенсов и верхнепалеолитические изделия.

[syndicated profile] register_security_feed

Posted by Iain Thomson

Stealthy Falcon swoops on WebDAV and Redmond's even patching IE!

Patch Tuesday  It's Patch Tuesday time again, and Microsoft is warning that there are a bunch of critical fixes to sort out - and two actively exploited bugs.…

[syndicated profile] ryb40_feed
В понедельник, 9 июня, областной арбитражный суд принял решение о расторжении концессионного соглашения в сфере рыбинской теплоэнергетики.
[syndicated profile] ryb40_feed
С сегодняшнего дня транспортное движение по Переборскому тракту будет ограничено на пять дней.
[syndicated profile] ryb40_feed
Рыбинские выпускники получили первые результаты ЕГЭ — по литературе, истории и химии.
[syndicated profile] ryb40_feed
Создание образовательных комплексов в муниципальных образованиях Ярославской области по-прежнему является одной из самых обсуждаемых тем среди тех, кого реформа касается напрямую.
[syndicated profile] ryb40_feed
Снова рыбинцы вынуждены мириться с неприятными соседями — в городе активно плодятся чайки.
[syndicated profile] register_security_feed

Posted by Iain Thomson

Lone Star State drivers with accident records need to be careful about fraud

The Texas Department of Transportation says a compromised user account was used to improperly download nearly 300,000 crash reports, exposing personal data that could be exploited for financial fraud against Lone Star drivers.…

[syndicated profile] arstech_it_feed

Posted by Dan Goodin

Researchers have unearthed two publicly available exploits that completely evade protections offered by Secure Boot, the industry-wide mechanism for ensuring devices load only secure operating system images during the boot-up process. Microsoft is taking action to block one exploit and allowing the other one to remain a viable threat.

As part of Tuesday's monthly security update routine, Microsoft patched CVE-2025-3052, a Secure Boot bypass vulnerability affecting more than 50 device makers. More than a dozen modules that allow devices from these manufacturers to run on Linux allow an attacker with physical access to turn off Secure Boot and, from there, go on to install malware that runs before the operating system loads. Such “evil maid” attacks are precisely the threat Secure Boot is designed to prevent. The vulnerability can also be exploited remotely to make infections stealthier and more powerful if an attacker has already gained administrative control of a machine.

A single point of failure

The underlying cause of the vulnerability is a critical vulnerability in a tool used to flash firmware images on the motherboards of devices sold by DT Research, a manufacturer of rugged mobile devices. It has been available on VirusTotal since last year and was digitally signed in 2022, an indication it has been available through other channels since at least that earlier date.

Read full article

Comments

[syndicated profile] arstech_it_feed

Posted by Benj Edwards

OpenAI has struck a deal to use Google's cloud computing infrastructure for AI despite the two companies' fierce competition in the space, reports Reuters. The agreement, finalized in May after months of negotiations, marks a shift in OpenAI's strategy to diversify its computing resources beyond Microsoft Azure, which had been its exclusive cloud provider until January.

Microsoft's long-standing partnership with OpenAI dates back to 2019, with significant expansions of investment from the computer giant in 2021 and 2023. In October, The Information reported that the ChatGPT maker had begun to seek data center deals elsewhere, citing the need for more AI data center servers faster than Microsoft could supply them.

Under the new deal, Google Cloud will provide additional computing capacity to help OpenAI train and run its AI models. For OpenAI, the partnership addresses growing demands for computing power as the company's annual revenue reached $10 billion as of June, according to sources familiar with the matter who spoke to Reuters.

Read full article

Comments

[syndicated profile] arstech_it_feed

Posted by Benj Edwards

Meta has developed plans to create a new artificial intelligence research lab dedicated to pursuing "superintelligence," according to reporting from The New York Times. The social media giant chose 28-year-old Alexandr Wang, founder and CEO of Scale AI, to join the new lab as part of a broader reorganization of Meta's AI efforts under CEO Mark Zuckerberg.

Superintelligence refers to a hypothetical AI system that would exceed human cognitive abilities—a step beyond artificial general intelligence (AGI), which aims to match an intelligent human's capability for learning new tasks without intensive specialized training.

However, much like AGI, superintelligence remains a nebulous term in the field. Since scientists still poorly understand the mechanics of human intelligence, and because human intelligence resists simple quantification with no single definition, identifying superintelligence when it arrives will present significant challenges.

Read full article

Comments

[syndicated profile] grahamcluley_feed

Posted by Graham Cluley

In episode 54 of The AI Fix, Graham saves humanity with a CAPTCHA, Mark wonders whether AI can suffer, ChatGPT throws shade at Abba's Björn Ulvaeus, an AI called Jack ask if you want fries with that, an artist invents AI bird poop, and Eric Schmidt says we should unplug AI when it gets direct access to weapons.

Graham finds out what happens when a rag tag team of AIs is given 30 days to raise money for charity, and Mark explores model collapse and Claude Opus 4.0's weird obsession with a fictional factory-farmed chicken company.

All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
[syndicated profile] register_security_feed

Posted by Connor Jones

The open-source XDR/SIEM provider’s servers are in other botnets’ crosshairs too

Cybercriminals are trying to spread multiple Mirai variants by exploiting a critical Wazuh vulnerability, researchers say – the first reported active attacks since the code execution bug was disclosed.…

[syndicated profile] register_security_feed

Posted by Jon Kuhn, SVP product management

AI is your secret weapon against ransomware crooks. Here's how to use it

Partner Content  Cybercriminals are evolving, and so are the tools to stop them. As AI becomes more accessible, attackers are sharpening their tactics. But here's the good news: defenders are, too. AI is no longer a buzzword; it's a frontline weapon in the fight against ransomware.…

[syndicated profile] planetposgresql_feed

One of the things I admire most about PostgreSQL is its ease of getting started.

I have seen many developers and teams pick it up, launch something quickly, and build real value without needing a DBA or complex tooling. That simplicity is part of what makes PostgreSQL so widely adopted.

However, over time, as the application grows and traffic increases, new challenges emerge. Queries slow down, disk usage balloons, or a minor issue leads to unexpected downtime.

This is a journey I have witnessed unfold across many teams. I don’t think of it as a mistake or an oversight; it is simply the natural progression of a system evolving from development to production scale.

The idea behind this blog is to help you assess your current situation and identify steps that can enhance the robustness, security, and scalability of your PostgreSQL deployment.

1. Architecture: Is Your Deployment Designed to Withstand Failure?

As systems grow, so does the need for resilience. What worked fine on a single node during development might not hold up in production.

Questions to ask:

  • Are you still on a single-node setup?
  • Do you have at least one streaming replica?
  • Is failover possible — and tested?

Setting up high availability is about pre-emptive measures to ensure that your users continue to be serviced even in the face of software or hardware failures. Even a basic primary-replica setup can make a big difference. Add a failover tool like Patroni or repmgr, and you are well on your way to building a more resilient PostgreSQL foundation.

2. Configuration: Is PostgreSQL Tuned for Your Workload?

PostgreSQL’s defaults are intentionally conservative — they prioritize compatibility, not performance. That is great for getting started, but less ideal for scaling.

What to look for:

  • Is shared_buffers still set to 128MB?
  • Have you tuned work_mem or maintenance_work_mem based on query complexity?
  • Are your autovacuum settings helping or hurting your performance?

In many consulting engagements, tuning these parameters is the first step we take — and it often yields immediate, measurable improvements.

If your workload is increasing, your configuration should grow accordingly. This tuning is not just for performance — it is for predictability and peace of mind.

3. Security: Is Your Database Properly Locked Down?

Security often takes a back seat when speed is the priority. That is understandable, but once your system handles sensitive data or is exposed to the internet, you need stronger guardrails.

Areas to review:

  • Is Scram-SHA-256 authentication enabled?
  • Are you using SSL/TLS for encrypted connections?
  • Are roles and privileges clearly defined?

If your current authentication method still relies on trust or MD5, or if all apps use the same superuser login, it may be time to revisit your setup.

Even small changes, such as separating roles or enabling detailed logging with pgaudit, can make a significant difference.

4. Backups and Recovery: Can You Restore with Confidence?

Backups are often assumed to be “handled” — until you need them.

Healthy backup practices include:

  • Using physical backups with pg_basebackup or pgBackRest
  • Archiving WAL files for point-in-time recovery
  • Testing restores regularly (not just taking backups)

We often guide teams through recovery simulations as part of our PostgreSQL consulting. Many are surprised by how long the recovery takes, or how it is sometimes just plain unusable.

Having a backup is not the same as being able to restore reliably. In production, the distinction matters.

5. Monitoring and Observability: Are You Seeing What Matters?

Monitoring goes beyond CPU and memory. A production-grade PostgreSQL deployment needs visibility into database health, query performance, and replication status.

Recommended stack:

  • Prometheus with postgres_exporter for metrics
  • Grafana for dashboards and alerts
  • Observation tools like pgBadger

You do not need everything on day one, but you should have visibility into slow queries, replication lag, vacuum activity, and disk usage. Observability helps you identify and resolve problems before they impact users.

6. Performance: Is Your Database Keeping Up with Your Growth?

Performance degradation tends to creep in slowly, and it is usually not the fault of PostgreSQL itself.

Common causes we see:

  • Missing or misused indexes
  • Slow JOINs on large datasets
  • Ineffective partitioning strategies

If you are not regularly reviewing query plans with EXPLAIN (ANALYZE) or tracking unused indexes, there is likely room for improvement.

Some performance issues require deep analysis, but many are fixable with good indexing and tuning strategies. This is where targeted PostgreSQL consulting can deliver immediate value.

7. Maintenance and Upgrades: Are You Staying Current?

Keeping PostgreSQL healthy requires regular upkeep, not just when something breaks.

Things to check:

  • Are you running a supported version?
  • Are you on the latest minor version?
  • Is your upgrade process documented and tested?

A smooth upgrade path reduces risk and gives you access to performance improvements and security fixes. We have helped many teams upgrade from legacy versions — often with less friction than they expected.

The key is to plan, test, and document. Maintenance is less stressful when it is routine.

8. Support: Do You Have a Trusted PostgreSQL Partner?

You do not need a full-time DBA to run PostgreSQL in production, but you do need support when issues arise.

If you’re relying on community forums during an outage, consider seeking outside help.

We work with teams that want:

  • A second opinion on architecture or performance
  • Help tuning and scaling their workload
  • Peace of mind through health checks and 24/7 support

Even a short consulting engagement can provide clarity and help your team move forward with confidence.

Final Word: A Healthy PostgreSQL Deployment Is Built Over Time

If you are reading this and realize that your setup does not yet cover certain things, that is entirely okay.

No one gets everything right on their first try. Most PostgreSQL deployments evolve organically, and what starts as a simple instance often grows into something much more critical. Recognizing when it is time to harden your setup is a sign of maturity, not failure.

This checklist is intended to serve as a guide. Use it to reflect on the current state of your PostgreSQL deployment and identify areas that may require additional attention, such as implementing more robust backups, optimizing parameters, strengthening security, or establishing a comprehensive failover plan.

Checklist: Is Your PostgreSQL Deployment Production-Grade?Book a health check with us!

The post Checklist: Is Your PostgreSQL Deployment Production-Grade? appeared first on Stormatics.

Profile

beldmit: (Default)
Dmitry Belyavskiy

May 2025

S M T W T F S
    123
45678910
11121314151617
181920212223 24
25262728293031

Most Popular Tags

Page Summary

Style Credit

Expand Cut Tags

No cut tags
Page generated Jun. 12th, 2025 01:00 pm
Powered by Dreamwidth Studios