You're listening to the Cyberwire Network, powered by N2K.

At TALIS, they know cybersecurity can be tough and you can't protect everything,

but with TALIS, you can secure what matters most.

With TALIS's industry-leading platforms, you can protect critical applications, data, and identities, anywhere and at scale with the highest

ROI. That's why the most trusted brands and largest banks, retailers, and healthcare companies in the

world rely on Talis to protect what matters most. Applications, retailers, and healthcare companies in the world rely on Talis to protect what matters most.

Applications, data, and identity.

That's Talis.

T-H-A-L-E-S.

Learn more at Talisgroup.com slash cyber.

Thank you. Hello, everyone, and welcome to the Cyberwires Research Saturday. I'm Dave Bittner, and this is our weekly conversation with researchers and analysts tracking down the threats and vulnerabilities,

solving some of the hard problems and protecting ourselves in a rapidly evolving cyberspace.

Thanks for joining us.

So Rusty Burles is actually just from the languages that the vulnerability uses, right?

The vulnerability is in two language extensions in Postgres, and those language extensions are Rust and Pearl.

So if you're imagining, you can either imagine like,

you know, a rusty pearl kind of like, think Pirates of the Caribbean, or you can imagine

the language extensions, the different, different syntaxes and whatnot.

Our guest today are Tal Pellig, senior product manager and Kobe Abrams, cybersecurity researcher at Veronis.

The research we're discussing is titled Rusty Pearl, Remote Code Execution in Postgres instances.

Tal, could you walk us through what remote code execution vulnerabilities mean when it comes to Postgres and what that means for organizations?

Sure. So a Postgres database, usually you can execute queries on them. Sometimes you have a web

...