Cloud Threat Landscape

Incidents
Actors
Techniques
Defenses
Periodic Table
Tools
Targeted Technologies
About
RSS
STIX
Back to wiz.io

Cloud Threat Landscape

SQL Server to cloud lateral movement

Type

Campaign

Actors

Pub. date

October 3, 2023

Initial access

Web vulnerability

Impact

Data exfiltration

Observed techniques

SQL injection Use DNS for exfiltration IMDS abuse SQL commands

Targeted technologies

Microsoft SQL Server

References

https://www.microsoft.com/en-us/security/blog/2023/10/03/defending-new-vectors-threat-actors-attempt-sql-server-to-cloud-lateral-movement/

Status

Stub

Last edited

Jun 2, 2024 8:02 AM

Made with 💙 by Wiz

Last Updated: June 25, 2024