Trigona Ransomware Attacking MS-SQL Servers

[correlate]

[correlate]

Level 18
Thread author
Verified
Top Poster
Well-known
Forum Veteran
May 4, 2019
791
9,574
1,670
New York
Content source
https://asec.ahnlab.com/en/51343/
Poorly managed MS-SQL servers typically refer to those that are exposed to external connections and have simple account credentials, rendering them vulnerable to brute force or dictionary attacks. If a threat actor manages to log in, control over the system will be passed to them, allowing them to install malware or execute malicious commands.
Additionally, MS-SQL can be installed on both Windows servers and desktop environments. For example, there are cases where MS-SQL is installed alongside certain ERP and work-purpose solutions during their installation process. Because of this, Windows servers and Windows desktop environments can both be targeted for MS-SQL Server attacks.
Click to expand...
asec.ahnlab.com

Trigona Ransomware Attacking MS-SQL Servers - ASEC BLOG

AhnLab Security Emergency response Center (ASEC) has recently discovered the Trigona ransomware being installed on poorly managed MS-SQL servers. Trigona is a relatively recent ransomware that was first discovered in October 2022, and Unit 42 has recently published a report based on the...
asec.ahnlab.com asec.ahnlab.com
 
  • Like
  • +Reputation
Reactions: Gandalf_The_Grey, Nevi, harlan4096 and 1 other person
You must log in or register to reply here.

You may also like...