Detection of Attacks Targeting MS-SQL Servers Using AhnLab EDR

  • MS-SQL server with simple passwords exposed to the external internet is a common attack vector targeting Windows systems.
  • Attackers scan for improperly managed MS-SQL servers and attempt brute force or dictionary attacks to gain administrator access.
  • Once access is obtained, attackers can install malware and gain control over the infected system.
  • AhnLab Security Intelligence Center (ASEC) monitors and publishes new attack cases targeting improperly managed MS-SQL servers.
  • The post discusses the detection of attacks targeting MS-SQL servers using AhnLab EDR.

https://asec.ahnlab.com/ko/65583/