The root of MySQL's security evil?
The recent worm attack that hit thousands of MySQL installations reflects a growing trend in the malware world. This worm doesn't exploit a weakness in the MySQL code--it exploits lazy admins who could protect themselves with one simple step.
The MySQL worm, like many others, uses a brute-force attack to guess a target's root password. Far too often, it only needs one guess: the default password, which the admin never changed.
By Matt McKenzie at Linux Pipeline.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.