Ofir Balassiano is the head of security research at Dig security and a seasoned security researcher, specializing in low-level OS internals research and cloud security, with over 8 years of experience in the field. He is passionate about understanding how things work and enjoys applying his skills and knowledge to CTFs. During his time in the IDF intelligence unit, Ofir led a team of researchers working on critical technologies, honing his expertise in the security domain.
Cloud migration has revolutionized the way we work with databases, But the cloud provider's changes to popular database engines have created new attack vectors. Our presentation will explore the evolving database attack landscape in the cloud, showcasing a case study of a critical CloudSQL (GCP) vulnerability we recently found and advanced lateral movement and PE techniques.