Cybercriminals target MS SQL servers to deliver ransomware

Categories: Latest Cyber News
Help raise awareness by sharing this page:

A cyberattack campaign is targeting exposed Microsoft SQL (MS SQL) databases, aiming to deliver ransomware and Cobalt Strike payloads. The attack campaign The attackers target exposed MS SQL servers by brute-forcing access credentials. After having successfully authenticated, they start enumerating the database. A (too often) enabled xp_cmdshell function also allows attackers to run shell commands on the host and launch several payloads. Attackers then: Create new users on the victim host Make registry changes to … More

The post Cybercriminals target MS SQL servers to deliver ransomware appeared first on Help Net Security.


Thank you for visiting our page! For a deeper dive into this topic, discover the full article by clicking HERE.

«
»