A Deep Dive into Database Attacks [Part II]: Delivery and Execution of Malicious Executables through SQL commands (SQL Server)

A Deep Dive into Database Attacks [Part II]: Delivery and Execution of Malicious Executables through SQL commands (SQL Server)

An organization’s database servers are frequently the prime target of attackers. We recently started a new research project to learn more about database hacking, primarily to understand common database attacks, tools and techniques engaged by attackers. To conduct this research, we set up a honeypot net for popular SQL/NoSQL databases ... Read More
A Deep Dive into Database Attacks [Part I]: SQL Obfuscation

A Deep Dive into Database Attacks [Part I]: SQL Obfuscation

Today, data breaches are a threat to every organization. According to a report from Risk Based Security covering the first half of 2017, over 6 billion records were exposed through 2,227 publicly-disclosed data breaches. The number of exposed records is already higher than the previous all-time high at the end ... Read More