Posts: 16,194
Threads: 10,283
Thanks Received: 9,346 in 7,492 posts
Thanks Given: 10,317
Joined: 12 September 18
30 August 19, 07:55
Quote:
All over the world companies large and small use Microsoft SQL Server for database management. Highly popular yet insufficiently protected, this DBMS is a target of choice for hacking. One of the most common attack on Microsoft SQL Server — the remote attack based on malicious jobs — has been around for a long time, but it is still used to get access to workstations through less-than-strong administrator password.
According to our statistics, the majority of such attacks fall on Vietnam (>16%), Russia (~12%), India (~7%), China (~6%), Turkey and Brazil (5% each).
Attack description
Microsoft SQL Server attacks are normally massive in nature and have no particular target: the attackers scan sub-networks in search of a server with a weak password. The attack begins with a remote check of whether the system has MS SQL Server installed; next the intruders proceed to brute-force the account password to access the system. In addition to password brute-forcing, they may also resort to authorization via a user account token, authorized on a previously infected machine.
Continue Reading
Agent 1433: remote attack on Microsoft SQL Server
![[Image: malicious-tasks-in-ms-sql-server-1.png]](https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2019/08/21131533/malicious-tasks-in-ms-sql-server-1.png)
![[-]](https://www.geeks.fyi/images/collapse.png "[-]")
