Sign up to save your podcasts
Or
Share A fine pearl gone rusty. [Research Saturday]
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
A fine pearl gone rusty. [Research Saturday]
Tal Peleg, Senior Product Manager, and Coby Abrams, Cyber Security Researcher of Varonis, discussing their work and findings on Rusty Pearl - Remote Code Execution in Postgres Instances. The flaw could allow attackers to execute arbitrary commands on a database server’s operating system, leading to potential data theft, destruction, or lateral movement across networks.
While the vulnerability existed in PostgreSQL, Amazon RDS and Aurora were not affected, thanks to built-in protections like SELinux and AWS’s automated threat detection. Still, the research underscores the importance of patching and configuration hygiene in managed database environments.
The research can be found here:
Rusty Pearl: Remote Code Execution in Postgres Instances
Learn more about your ad choices. Visit megaphone.fm/adchoices
View all episodes
By The CyberWireTal Peleg, Senior Product Manager, and Coby Abrams, Cyber Security Researcher of Varonis, discussing their work and findings on Rusty Pearl - Remote Code Execution in Postgres Instances. The flaw could allow attackers to execute arbitrary commands on a database server’s operating system, leading to potential data theft, destruction, or lateral movement across networks.
While the vulnerability existed in PostgreSQL, Amazon RDS and Aurora were not affected, thanks to built-in protections like SELinux and AWS’s automated threat detection. Still, the research underscores the importance of patching and configuration hygiene in managed database environments.
The research can be found here:
Rusty Pearl: Remote Code Execution in Postgres Instances
Learn more about your ad choices. Visit megaphone.fm/adchoices