The New Wave of Security Threats
New AI tools are discovering older vulnerabilities in software, as well as new ones. Get ready for a bunch of patches to come out.
2026-05-09
130 reads
Security
Securing Your Databases in 2026: Best Practices for the Evolving Threat Landscape
In 2026, your approach to both applications and databases must be focused on practical and technical real-world operations and use cases rather than just hype.
2026-02-16
Exploiting SQL Server Date Correlation Optimization: How Tampered Backups Enable Cross-Database Data Leaks
This article reveals a critical SQL Server flaw: attackers can weaponize Date Correlation Optimization (DCO) views in restored backups
2026-02-13
No Defaults Passwords Ever
Steve doesn't see a reason why we should have default passwords on systems ever.
2026-01-17
68 reads
Minimally Viable Security
Today Steve talks about the need for a basic level of security in our software.
2026-01-05
76 reads
SQL Server DBaaS Vulnerability: Decrypting System Code & Exfiltrating User Data
Security in cloud environments is both challenging and fascinating, particularly for Database-as-a-Service (DBaaS) offerings like Amazon RDS, GCP CloudSQL and Alibaba ApsaraDB RDS. The cloud vendor acts as the system administrator, managing the operating system, patching, and backups, while the user manages their data and databases.
2025-12-03
2025-10-15
110 reads
The Security of Old Tech
Older technology can introduce security issues, along with performance ones. Keeping your systems somewhat up to date is important for security.
2025-09-12
76 reads
Password Guidance
Passwords are essential and also a problem in many organizations. Guidance has changed over the years and Steve has a few thoughts on what's recommended today.
2025-09-10
137 reads
Zero-Trust Architecture for Cloud-Based AI Systems
Zero-Trust Architecture (ZTA) emerges as a strong security paradigm for cloud-based AI systems, fundamentally operating on the principle of “never trust, always verify.” Unlike conventional security models, ZTA assumes potential compromise exists within the network and requires continuous verification of every access request regardless of origin.
2025-07-09
Blogs
From SQL Saturday to Day of Data
By ReviewMyDB
A behind-the-scenes look at Day of Data Jacksonville 2026, the transition from SQL Saturday,...
PostgreSQL 18 Finally Makes BUFFERS the Default. Here Is Why That Matters
You run EXPLAIN ANALYZE on a slow query, stare at the plan, and something...
A New Word: La Guadière
By Steve Jones
la guadière – n. a glint of goodness you notice in something that you...
Forums
BCA KCU BOGOR | Tlp/Wa:0818751777
Tlp/Wa_Cs:0818-751-777. Jl. Ir. H. Juanda No.28, RT.03/RW.02, Paledang, Kecamatan Bogor Tengah, Kota Bogor, Jawa...
non ascii columns in a utf-8 .txt file
hi, we couldnt get our upstream data source developers to supply what is sometimes...
PolyBase Trace Flags
Are there any good articles on all the trace flags that are enabled on...
Question of the Day
Running SQLCMD I
I run the SQLCMD utility as follows:
lcmd -S localhost -EI then type this (the 1> is the prompt):
1> select @@version goIf I hit enter, what happens? See possible answers