South Korean cyber security organisation AhnLab has identified a breach in Microsoft SQL servers allowing deployment of Trigona ransomware. The attacks were threat actors using brute-force or dictionary attacks with obtained or guessed credentials to infiltrate externally accessible MS-SQL servers.

We recently engaged in a conversation with our team of experts regarding their ongoing server hardening project. We inquired about the obstacles encountered during manual hardening procedures and asked if they’d be willing to explain the underlying reasons for issues that arise when automation is not employed. Their latest encounter with a client provided a valuable opportunity to further expound on strategies to mitigate these challenges.