1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Attacks on Microsoft SQL have seen a huge rise

    From TechnologyDaily@1337:1/100 to All on Mon Nov 7 12:00:04 2022
    Attacks on Microsoft SQL have seen a huge rise

    Date:
    Mon, 07 Nov 2022 11:43:08 +0000

    Description:
    Threat actors have been installing all kinds of nasties on Microsoft SQL,
    from Cobalt Strike beacons to ransomware.

    FULL STORY ======================================================================

    As threat actors seek to gain access to corporate infrastructure, theyre increasingly turning to Microsoft SQL Server as their entry point of preference, a new report from Kaspersky has warned.

    Its research claims attacks using Microsoft SQL Server rose by more than half (56%) in September 2022 compared to the same period last year, as during that month alone, the number of compromised servers grew to more than 3,000 endpoints .

    With July and August being the exception, the number of such attacks has been gradually increasing over the past year, Kaspersky added, and kept above
    3,000 since April 2022. Sloppy defending

    Despite Microsoft SQL Servers popularity, companies may not be giving sufficient priority to protect against threats associated with the software. Attacks using malicious SQL Server jobs have been known for a long time, but it is still used by perpetrators to gain access to a companys infrastructure, said Sergey Soldatov, Head of Security Operations Center at Kaspersky. Read more

    Microsoft SQL servers hit by Cobalt Strike attacks


    Brute-force attacks targeting MSSQL servers, Microsoft warns


    These are the best antivirus software right now

    There had been multiple recent incidents where Microsoft SQL Servers has been abused by threat actors, with the latest coming just over a month ago. In
    late September 2022, cybersecurity researchers from AhnLab Security Emergency Response Center reported of an ongoing campaign distributing the FARGO ransomware to MS-SQL servers. In this incident, the attackers went for unprotected endpoints , or those guarded by weak and easily cracked
    passwords.

    In April, on the other hand, threat actors were observed installing Cobalt Strike beacons on such devices. News of attacks against MS-SQL has also
    popped up in May, June, as well as October, this year.

    In most instances, threat actors would scan the internet for endpoints with
    an open TCP port 1433, and then conduct brute-force attacks against them, until they guess the password. Check out the best firewalls around



    ======================================================================
    Link to news story: https://www.techradar.com/news/attacks-on-microsoft-sql-have-seen-a-huge-rise/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)