all InfoSec news
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement
Microsoft Security Blog www.microsoft.com
Microsoft security researchers recently identified an attack where attackers attempted to move laterally to a cloud environment through a SQL Server instance. The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment to gain access and elevated permissions to a Microsoft SQL Server instance deployed in an Azure Virtual Machine (VM). The attackers then used the acquired elevated permission to attempt to move laterally to additional cloud resources by abusing the server’s cloud identity.
The …
access application attack attackers cloud defending environment exploited injection instance lateral movement microsoft microsoft security microsoft sql microsoft sql server permissions researchers security security researchers server sql sql injection sql server target threat threat actors vulnerability