SQL Server to cloud lateral movement (Campaign)

[email protected] (Wiz Threat Research) 2023-10-03T00:00:00+00:00 View Original

Full Report

On 2023-10-03, a campaign was reported, involving an unknown actor, gaining initial access via Web vulnerability, while using SQL injection, Use DNS for exfiltration, IMDS abuse, SQL commands, targeting Microsoft SQL Server to achieve Data exfiltration.

Analysis Summary