Yes, supply chain attacks can happen to MariaDB users too!
Abstract
In the past years we’ve seen some clear attacker trends in cybersecurity. Ransomware as a Service and supply chain attacks seem to be quite “attractive” for cyber criminals. Instead of going directly after their targets, attackers instead try to take advantage of the supply chain, compromising less defended resources used by their victims in order to gain access to their networks.
We lay the foundation of this talk using the challenges and visions proposed by the MariaDB Foundation and discuss a brief history of supply chain attacks and the role played by critical software infrastructure pieces such as the database as well as how one can (a person or an organization) protect themselves against them.
Other links
Date and time
- Tuesday 5 October, 17.25 – 18.20 CEST (UTC +2), 11.25am – 12:20pm New York time, 23:25 – 00:20 Beijing/Singapore time
Presenters
Dan Demeter
Security researcher – Kaspersky
Dan graduated from Imperial College London and holds a Master of Engineering in Software Engineering. He joined Kaspersky in 2014 and since then his work focuses on developing threat intelligence systems, processing big data and creating new technologies to fight advanced persistent threats.
While monitoring local and European threat landscape, Dan is also involved in the Honeypots-as-a-Service project, working on joint research with multiple industry players, trying to protect against IoT malware and attacks. Additionally, he also monitors fake news / disinformation and public opinion swinging campaigns happening in the past 3 years. Part of his research can be seen in recordings from various conferences such as The Security Analyst Summit, Def Camp, Hack.Lu, Hack In the Box GSEC, etc.
When not meddling around with network cables or bricking routers he can be found playing board games and snowboarding the slopes across the world.