Posted on May 19, 2022

Brute-force attacks targeting MSSQL servers, Microsoft warns

PO1 William "Chip" Nagel

1.28K

5

1

4

0

The Redmond software giant has issued a warning explaining how databases with weak passwords might get compromised:

"The attackers achieve fileless persistence by spawning the sqlps.exe utility, a PowerShell wrapper for running SQL-built cmdlets, to run recon commands and change the start mode of the SQL service to LocalSystem," the Microsoft Security Intelligence team revealed.

Brute-force attacks targeting MSSQL servers, Microsoft warns

Posted from techradar.com

Posted in these groups: B2d808c9

Posted >1 y ago

Responses: 1

1

0

Maj (Join to see)

Posted >1 y ago

Why people put databases directly on the internet still baffles me. Databases should be at the innermost point of your layered defense. We suck at cybersecurity because people are too lazy or cheap to do things correctly, not because of any technical reasons.

(1)

Comment

(0)

Brute-force attacks targeting MSSQL servers, Microsoft warns

Brute-force attacks targeting MSSQL servers, Microsoft warns

Join nearly 2 million former and current members of the US military, just like you.