SQL Rootkits

The traditional means of recovering a compromised system has been to rebuild the server and to reload the data. Rarely is the data validated to any extent in this process. In fact, many organizations have no idea of their data structures and it is rare to even find an up to date ERD (Entity Relationship Diagram). With T-SQL, PL-SQL and other extensions to the SQL language, this is a dangerous approach.

Never miss a story from Craig Wright (Bitcoin SV is the original Bitcoin)