Databases as sophisticated attack infrastructure.
What it’s about
Let’s forget basic SQL injection, data deletion or information theft. We already know that.
This talk is about how attackers can use databases as part of sophisticated attack infrastructure:
- Databases as C2 (Command & Control)
- Advanced persistence via DB
- Lateral movement using DB infrastructure
- Covert exfiltration
- Parallels with malware evolution
Why it’s relevant
Databases are at the heart of every modern system. But they’re rarely thought of as advanced attack vectors.
This talk shows how a sophisticated attacker can leverage DB infrastructure for attacks that go far beyond conventional methods.