- May 4, 2019
- 801
- Content source
- https://asec.ahnlab.com/en/51343/
Poorly managed MS-SQL servers typically refer to those that are exposed to external connections and have simple account credentials, rendering them vulnerable to brute force or dictionary attacks. If a threat actor manages to log in, control over the system will be passed to them, allowing them to install malware or execute malicious commands.
Additionally, MS-SQL can be installed on both Windows servers and desktop environments. For example, there are cases where MS-SQL is installed alongside certain ERP and work-purpose solutions during their installation process. Because of this, Windows servers and Windows desktop environments can both be targeted for MS-SQL Server attacks.
Trigona Ransomware Attacking MS-SQL Servers - ASEC BLOG
AhnLab Security Emergency response Center (ASEC) has recently discovered the Trigona ransomware being installed on poorly managed MS-SQL servers. Trigona is a relatively recent ransomware that was first discovered in October 2022, and Unit 42 has recently published a report based on the...
asec.ahnlab.com