Security News

Microsoft SQL servers hacked to steal bandwidth for proxy services
2022-07-28 17:26

Threat actors are generating revenue by using adware bundles, malware, or even hacking into Microsoft SQL servers, to convert devices into proxies rented through online proxy services. To steal a device's bandwidth, the threat actors install software called 'proxyware' that allocates a device's available internet bandwidth as a proxy server that remote users can use for various tasks, like testing, intelligence collection, content distribution, or market research.

MS-SQL servers hacked to steal bandwidth with proxyware
2022-07-28 17:26

Threat actors have been adopting a less common method to generate revenue and are leveraging payloads to install proxyware services on target systems. Proxyware is a program that allows allocating available internet bandwidth over a proxy to users that need it for various tasks, like testing, intelligence collection, content distribution, or market research.

SonicWall: Patch critical SQL injection bug immediately
2022-07-22 17:01

SonicWall has published a security advisory today to warn of a critical SQL injection flaw impacting the GMS and Analytics On-Prem products.The flaw, tracked as CVE-2022-22280, allows SQL injection due to improper neutralization of special elements used in an SQL Command.

Django fixes SQL Injection vulnerability in new releases
2022-07-04 11:00

The Django project, an open source Python-based web framework has patched a high severity vulnerability in its latest releases. Tracked as CVE-2022-34265, the potential SQL Injection vulnerability impacts Django's main branch, and versions 4.1, 4.0, and 3.2, with patches and new releases issued that squash the vulnerability.

Hackers Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility
2022-05-20 20:13

Microsoft on Tuesday warned that it recently spotted a malicious campaign targeting SQL Servers that leverages a built-in PowerShell binary to achieve persistence on compromised systems. The intrusions, which leverage brute-force attacks as an initial compromise vector, stand out for their use of the utility "Sqlps.exe," the tech giant said in a series of tweets.

Unsecured Microsoft SQL, MySQL servers hit by Gh0stCringe malware
2022-03-16 21:53

Hackers target poorly secured Microsoft SQL and MySQL database servers to deploy the Gh0stCringe remote access trojans on vulnerable devices. In a new report today by cybersecurity firm AhnLab, researchers outline how the threat actors behind GhostCringe are targeting poorly secured database servers with weak account credentials and no oversight.

Vulnerable Microsoft SQL Servers targeted with Cobalt Strike
2022-02-22 18:08

Threat analysts have observed a new wave of attacks installing Cobalt Strike beacons on vulnerable Microsoft SQL Servers, leading to deeper infiltration and subsequent malware infections. The attacks start with threat actors scanning for servers with an open TCP port 1433, which are likely public-facing MS-SQL servers.

Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike
2022-02-21 23:22

Vulnerable internet-facing Microsoft SQL Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. "Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not been patched, brute forcing, and dictionary attack against poorly managed servers," South Korean cybersecurity company AhnLab Security Emergency Response Center said in a report published Monday.

WordPress 5.8.3 security update fixes SQL injection, XSS flaws
2022-01-10 15:28

The WordPress development team released version 5.8.3, a short-cycle security release that addresses four vulnerabilities, three of which are rated of high importance. The set includes an SQL injection on WP Query, a blind SQL injection via the WP Meta Query, an XSS attack via the post slugs, and an admin object injection.

Log4Shell-like security hole found in popular Java SQL database engine H2
2022-01-07 19:32

This time, the bug isn't in Apache's beleagured Log4j toolkit, but can be found in a popular Java SQL server called the H2 Database Engine. As a result, you can bundle the H2 SQL database code right into your own Java apps, and run your databases entirely in memory, with no need for separate server processes.