Security News

JET engine flaws can crash Microsoft's IIS, SQL Server, say Palo Alto researchers
2021-05-06 04:59

A trio of researchers at Palo Alto Networks has detailed vulnerabilities in the JET database engine, and demonstrated how those flaws can be exploited to ultimately execute malicious code on systems running Microsoft's SQL Server and Internet Information Services web server. In a talk today at Black Hat Asia titled Give Me a SQL Injection, I Shall PWN IIS and SQL Server, the three explained they found the JET engine - for years an underlying tech for Microsoft Access and other products, and still downloadable today - has many vulnerabilities.

SQL Server Malware Tied to Iranian Software Firm, Researchers Allege
2021-01-21 19:42

Now, researchers with Sophos have tracked the origin of the campaign to what they claim is a small software development company based in Iran. "The name of an Iran-based software company was hardcoded into the miner's main configuration file," said researchers with Sophos in a Thursday analysis.

Adventures in SQL Server 2019: Microsoft updates the update that broke the update
2020-10-02 19:06

There was good news for administrators of Microsoft's SQL Server 2019 last night as Cumulative Update 8 emerged, fixing the borkage of its predecessor. Things haven't been going well for the SQL Server 2019 servicing model: Cumulative Update 2 left the SQL Agent a bit unhappy.

Week in review: Zoom security, Marriott breach, MS SQL servers under attack
2020-04-05 07:55

Marriott International 2020 data breach: 5.2 million customers affectedMarriott International has suffered a new data breach in mid-January 2020, which affected approximately 5.2 million guests. Are your MS SQL servers part of a cryptomining botnet? Check now!For the last two years or so, attackers have been infecting and reinfecting poorly secured MS SQL servers, booting other criminals' malware from them and exploiting their compute power to mine Vollar and Monero cryptocurrency.

Are your MS SQL servers part of a cryptomining botnet? Check now!
2020-04-02 12:35

For the last two years or so, attackers have been infecting and reinfecting poorly secured MS SQL servers, booting other criminals' malware from them and exploiting their compute power to mine Vollar and Monero cryptocurrency. Microsoft SQL Server is a relational database management system/software that can run on computers running any of the most popular operating systems.

Vollgar Campaign Targets MS-SQL Servers With Backdoors, Crypto-Miners
2020-04-02 04:15

A recently uncovered attack campaign that stayed under the radar since May 2018 has targeted Microsoft SQL servers with backdoors and crypto-miners, Guardicore Labs reveals. Attacks begin with MS-SQL brute force login attempts and continue with a series of configuration changes to allow command execution.

Cyberscum target Microsoft SQL Server boxen – and some careless sysadmins were reinfected after cleaning it out
2020-04-01 19:02

"The Vollgar attack chain also demonstrates the competitive nature of the attacker, who diligently and thoroughly kills other threat actors' processes," the firm said in a statement. Lead researcher Ophir Harpaz said in a research report: "Overall, Vollgar attacks originated in more than 120 IP addresses, the vast majority of which are in China. These are most likely compromised machines, repurposed to scan and infect new victims."

WARNING: Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers
2020-04-01 06:02

Named "Vollgar" after the Vollar cryptocurrency it mines and its offensive "Vulgar" modus operandi, researchers at Guardicore Labs said the attack employs password brute-force to breach Microsoft SQL servers with weak credentials exposed to the Internet. Researchers claim the attackers managed to successfully infect nearly 2,000-3,000 database servers daily over the past few weeks, with potential victims belonging to healthcare, aviation, IT & telecommunications, and higher education sectors across China, India, the US, South Korea, and Turkey.

IDERA expands portfolio of cloud-based database and workload management solutions for SQL Server
2020-03-12 02:30

IDERA, a provider of powerful database productivity tools, announced an expanded portfolio of cloud-based database and workload management solutions for SQL Server. SQL Inventory Manager to automatically discover, track, and manage SQL Server inventory and perform health checks, including SQL Server in the cloud.

Stealthy Microsoft SQL Server Backdoor Malware Spotted in the Wild
2019-10-22 12:04

Cybersecurity researchers claim to have discovered a previously undocumented backdoor specifically designed for Microsoft SQL servers that could allow a remote attacker to control an already...