Databases support critical applications and store sensitive information such as credit card numbers, social security numbers, and healthcare records. This presentation will provide an overview of the common threats and vectors that are often leveraged by attackers to gain unauthorized access to high value databases. It will also provide examples of how such databases are being used to escalate privileges in Windows environments and propagate botnets across the internet.