Cobalt Strike Being Distributed to Unsecured MS-SQL Servers
The ASEC analysis team has recently discovered the distribution of Cobalt Strike targeting unsecured MS-SQL servers. MS-SQL server is a typical database server of the Windows environment, and it has consistently been a target of attack from the past. Attacks that target MS-SQL servers include attacks to the environment where its vulnerability has not been patched, brute forcing, and dictionary attack against poorly managed servers. The attacker or the malware usually scans port 1433 to check for MS-SQL servers open … Continue reading Cobalt Strike Being Distributed to Unsecured MS-SQL Servers
92 Comments