Cybercriminals target MS SQL servers to deliver ransomware
A cyberattack campaign is targeting exposed Microsoft SQL (MS SQL) databases, aiming to deliver ransomware and Cobalt Strike payloads. The attack campaign The attackers target exposed MS SQL servers by brute-forcing access credentials. After having successfully authenticated, they start enumerating the database. A (too often) enabled xp_cmdshell function also allows attackers to run shell commands on the host and launch several payloads. Attackers then: Create new users on the victim host Make registry changes to … More
The post Cybercriminals target MS SQL servers to deliver ransomware appeared first on Help Net Security.
Thank you for stopping by our page. If you'd like to learn more about this topic, you can find the full article by clicking HERE