"Ransomware Attackers Are Targeting Exposed Microsoft SQL Databases, Report Says"

Researchers at Securonix found ransomware campaigns using Internet-exposed Microsoft SQL (MSSQL) databases as a launching point for attacks against victim systems. Oleg Kolesnikov, vice president of threat research at Securonix, says the typical attack sequence starts with brute-force attempts to access exposed MSSQL databases. According to Securonix researchers, it is unclear whether the hackers are making dictionary-based or random password spray attempts. Once a database's password is cracked, attackers expand their foothold within the target system and use MSSQL as a launchpad for various payloads, such as Remote Access Trojan (RAT) malware and ransomware. This article continues to discuss the exploitation of Internet-exposed MSSQL databases in ransomware campaigns. 

The Record reports "Ransomware Attackers Are Targeting Exposed Microsoft SQL Databases, Report Says"