SQL Server to cloud lateral movement

Type

Campaign

Actors

❓Unknown

Pub. date

October 3, 2023

Initial access

Web vulnerability

Impact

Data exfiltration

Observed techniques

SQL injectionUse DNS for exfiltrationIMDS abuseSQL commands

Targeted technologies

Microsoft SQL Server

References

https://www.microsoft.com/en-us/security/blog/2023/10/03/defending-new-vectors-threat-actors-attempt-sql-server-to-cloud-lateral-movement/

Status

Stub

Last edited

Jun 2, 2024 8:02 AM