May 24, 2024

Hackers are utilizing susceptible Microsoft SQL Servers to assault Azure VMs, in accordance with Microsoft safety researchers.

In response to BleepingComputer, Microsoft’s researchers report that hackers are utilizing Microsoft SQL Servers which can be susceptible to SQL injections, a standard vulnerability that always goes unpatched. The outlet described the assault chain:

The assaults Microsoft noticed begin with exploiting an SQL injection vulnerability in an software within the goal’s surroundings.

This permits the menace actors to realize entry to the SQL Server occasion hosted on Azure Digital Machine with elevated permissions to execute SQL instructions and extract precious information.

This consists of information on databases, desk names, schemas, database variations, community configuration, and skim/write/delete permissions.

BleepingComputer says Microsoft recommends utilizing Defender for Cloud and Defender for Endpoint to move off the assault by catching the SQL injection makes an attempt.