Tag: sql
-
Best-Practices für den Schutz von kritischen Datenbanken
Viele Unternehmen verlassen sich auf Firewalls und starke Passwörter, um Datenbanken zu schützen. Doch Hacker sind heute deutlich effizienter und umgehen solche Barrieren mitunter mühelos. Häufig treffen sie dann auf ungepatchte SQL-Server oder Admin-Konten mit übermäßigen Berechtigungen. Für den wirksamen Schutz Ihrer Datenbanken sind drei Schritte entscheidend: Sie müssen verstehen, welche Systeme und Risiken vorhanden…
-
Ernst Young (EY): 4TB DB-Backup im Internet gefunden
Kleiner Nachtrag von voriger Woche. Bei Ernst & Young (kurz EY) hat es mutmaßlich einen veritablen Datenschutz- und Sicherheitsvorfall gegeben. Sicherheitsforscher sind im Internet auf eine Backup-Datei für einen SQL-Server gestoßen, die unverschlüsselt und ungeschützt erreichbar war. Die über 4 … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/03/ernst-young-ey-4tb-db-backup-im-internet-gefunden/
-
FreePBX Endpoint mit kritischer RCE-Schwachstelle CVE-2025-57819
Es gibt eine Schwachstelle CVE-2025-57819 in FreePX Endpoint. Eine nicht authentifizierte SQL-Injection-Möglichkeit kann zur Remote Code Execution (RCE) in dieser Software, die aus Teams-Ersatz verwendet wird, führen. Hier ein Übersicht über das Problem, welche mir die Tage untergekommen ist. Was … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/01/freepbx-endpoint-mit-kritischer-rce-schwachstelle-cve-2025-57819/
-
FreePBX Endpoint mit kritischer RCE-Schwachstelle CVE-2025-57819
Es gibt eine Schwachstelle CVE-2025-57819 in FreePX Endpoint. Eine nicht authentifizierte SQL-Injection-Möglichkeit kann zur Remote Code Execution (RCE) in dieser Software, die aus Teams-Ersatz verwendet wird, führen. Hier ein Übersicht über das Problem, welche mir die Tage untergekommen ist. Was … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/11/01/freepbx-endpoint-mit-kritischer-rce-schwachstelle-cve-2025-57819/
-
EY Exposes 4TB SQL Server Backup Publicly on Microsoft Azure
A massive 4TB SQL Server backup file belonging to global accounting giant Ernst & Young (EY) was discovered publicly accessible onMicrosoft Azure. Cybersecurity firm Neo Security discovered a 4TB SQL Server backup belonging to accounting giant Ernst & Young (EY) publicly accessible on Microsoft Azure during a routine scan. Neo Security’s lead researcher identified a…
-
AI-powered bug hunting shakes up bounty industry, for better or worse
Tags: access, ai, authentication, automation, bug-bounty, business, ciso, cloud, control, credentials, data, detection, exploit, flaw, guide, identity, infrastructure, injection, intelligence, risk, risk-management, sql, strategy, supply-chain, threat, tool, vulnerabilityFirehose of ‘false positives’: Gunter Ollmann, CTO at Cobalt.io, warns that AI is exacerbating the existing problem that comes from vendors getting swamped with often low-quality bug submissions.Security researchers turning to AI is creating a “firehose of noise, false positives, and duplicates,” according to Ollmann.”The future of security testing isn’t about managing a crowd of…
-
AI-powered bug hunting shakes up bounty industry, for better or worse
Tags: access, ai, authentication, automation, bug-bounty, business, ciso, cloud, control, credentials, data, detection, exploit, flaw, guide, identity, infrastructure, injection, intelligence, risk, risk-management, sql, strategy, supply-chain, threat, tool, vulnerabilityFirehose of ‘false positives’: Gunter Ollmann, CTO at Cobalt.io, warns that AI is exacerbating the existing problem that comes from vendors getting swamped with often low-quality bug submissions.Security researchers turning to AI is creating a “firehose of noise, false positives, and duplicates,” according to Ollmann.”The future of security testing isn’t about managing a crowd of…
-
EY exposes 4TB+ SQL database to open internet for who knows how long
The Big Four biz’s big fat fail exposed a boatload of secrets online First seen on theregister.com Jump to article: www.theregister.com/2025/10/29/ey_exposes_4tb_sql_database/
-
Massive 4TB EY Database Backup Found Publicly Accessible on Azure
A critical security vulnerability was discovered when a complete 4-terabyte SQL Server backup belonging to Ernst & Young (EY), one of the world’s Big Four accounting firms, was found publicly accessible on Microsoft Azure. The exposure was identified by security researchers during routine internet mapping operations and has since been remediated following responsible disclosure protocols.…
-
Massive 4TB EY Database Backup Found Publicly Accessible on Azure
A critical security vulnerability was discovered when a complete 4-terabyte SQL Server backup belonging to Ernst & Young (EY), one of the world’s Big Four accounting firms, was found publicly accessible on Microsoft Azure. The exposure was identified by security researchers during routine internet mapping operations and has since been remediated following responsible disclosure protocols.…
-
PassiveNeuron Cyberespionage Resurfaces: APT Abuses MS SQL Servers to Deploy Stealthy Neursite Backdoor
The post PassiveNeuron Cyberespionage Resurfaces: APT Abuses MS SQL Servers to Deploy Stealthy Neursite Backdoor appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/passiveneuron-cyberespionage-resurfaces-apt-abuses-ms-sql-servers-to-deploy-stealthy-neursite-backdoor/
-
‘PassiveNeuron’ Cyber Spies Target Orgs with Custom Malware
A persistent cyber espionage campaign focused on SQL servers is targeting government, industrial and financial sectors across Asia, Africa, and Latin America. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/-passiveneuron-cyber-spies-target-industrial-financial-orgs
-
Ivanti Patches 13 Endpoint Manager Flaws Allowing Remote Code Execution
Tags: cyber, endpoint, exploit, flaw, injection, ivanti, mitigation, remote-code-execution, sql, vulnerabilityIvanti has disclosed 13 vulnerabilities in Ivanti Endpoint Manager (EPM), including two high-severity issues that could enable privilege escalation and remote code execution, and eleven medium-severity SQL injection flaws. While there is no evidence of in-the-wild exploitation, Ivanti urges customers to move to the latest supported release and apply recommended mitigations as patches are still…
-
Ivanti Patches 13 Endpoint Manager Flaws Allowing Remote Code Execution
Tags: cyber, endpoint, exploit, flaw, injection, ivanti, mitigation, remote-code-execution, sql, vulnerabilityIvanti has disclosed 13 vulnerabilities in Ivanti Endpoint Manager (EPM), including two high-severity issues that could enable privilege escalation and remote code execution, and eleven medium-severity SQL injection flaws. While there is no evidence of in-the-wild exploitation, Ivanti urges customers to move to the latest supported release and apply recommended mitigations as patches are still…
-
Pro-Russian Hacktivist Targets OT/ICS Systems to Harvest Credentials
In September, a nascent pro-Russian hacktivist group known as TwoNet staged its first operational technology and industrial control systems (OT/ICS) intrusion against our water treatment utility honeypot. By exploiting default credentials and SQL-based schema extraction, the adversary ultimately created backdoor accounts and defaced the human-machine interface (HMI), demonstrating a concerning pivot from pure DDoS to…
-
False Positive: Microsoft Defender stuft SQL Server als End of Life ein
Der Fehler betrifft SQL Server 2017 und 2019. Microsoft arbeitet bereits an einer Lösung des Problems. First seen on golem.de Jump to article: www.golem.de/news/false-positive-microsoft-defender-stuft-sql-server-als-end-of-life-ein-2510-201032.html
-
Microsoft Defender mistakenly flags SQL Server as endlife
Microsoft is working to resolve a known issue that causes its Defender for Endpoint enterprise endpoint security platform to incorrectly tag SQL Server software as end-of-life. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-defender-mistakenly-flags-sql-server-as-end-of-life/
-
FreePBX SQL Injection Vulnerability Leads to Database Tampering
A critical SQL injection vulnerability in FreePBX, designated as CVE-2025-57819, has been actively exploited by attackers to modify the database and achieve arbitrary code execution on vulnerable systems. The vulnerability affects the popular open-source PBX platform that provides a web-based administration interface for managing Asterisk VoIP systems across all supported versions including FreePBX 15, 16, and…
-
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing, no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.On the defense side, AI is stepping…
-
ThreatsDay Bulletin: CarPlay Exploit, BYOVD Tactics, SQL C2 Attacks, iCloud Backdoor Demand & More
From unpatched cars to hijacked clouds, this week’s Threatsday headlines remind us of one thing, no corner of technology is safe. Attackers are scanning firewalls for critical flaws, bending vulnerable SQL servers into powerful command centers, and even finding ways to poison Chrome’s settings to sneak in malicious extensions.On the defense side, AI is stepping…
-
Chinese APT group Phantom Taurus targets gov and telecom organizations
mssq.bat that connects to an SQL database using the sa (system administrator) ID with a password previously obtained by the attackers. It then performs a dynamic search for specific keywords specified in the script, saving the results as a CSV file.”The threat actor used this method to search for documents of interest and information related…
-
Threat Actors Exploiting MS-SQL Servers to Deploy XiebroC2 Framework
A surge in attacks targeting improperly managed MS-SQL servers, culminating in the deployment of the open-source XiebroC2 command-and-control (C2) framework. Similar in functionality to legitimate tools like Cobalt Strike, XiebroC2 offers capabilities for information gathering, remote control, and defense evasion, making it an attractive option for threat actors seeking a cost-effective intrusion platform. In one…
-
Threat Actors Exploiting MS-SQL Servers to Deploy XiebroC2 Framework
A surge in attacks targeting improperly managed MS-SQL servers, culminating in the deployment of the open-source XiebroC2 command-and-control (C2) framework. Similar in functionality to legitimate tools like Cobalt Strike, XiebroC2 offers capabilities for information gathering, remote control, and defense evasion, making it an attractive option for threat actors seeking a cost-effective intrusion platform. In one…
-
Meet ShadowLeak: ‘Impossible to detect’ data theft using AI
Tags: ai, attack, business, ciso, cybersecurity, data, data-breach, email, exploit, gartner, governance, injection, LLM, malicious, RedTeam, resilience, risk, sans, service, sql, supply-chain, technology, theft, tool, update, vulnerabilityWhat CSOs should do: To blunt this kind of attack, he said CSOs should:treat AI agents as privileged actors: apply the same governance used for a human with internal resource access;separate ‘read’ from ‘act’ scopes and service accounts, and where possible sanitize inputs before LLM (large language model) ingestion. Strip/neutralize hidden HTML, flatten to safe…
-
SQL Injection
SQL Injection (SQLi) remains one of the most persistent and dangerous web application vulnerabilities. Attackers who successfully exploit SQLi can read, modify, or delete sensitive data, bypass authentication, escalate privileges, and in some cases take full control of backend systems. This page explains SQL Injection in plain language, shows why it matters, covers types and…
-
9 unverzichtbare Open-Source-Security-Tools
Tags: attack, authentication, backdoor, blueteam, breach, ciso, cyersecurity, data-breach, encryption, incident response, intelligence, linux, mail, malware, monitoring, open-source, powershell, privacy, risk, software, sql, threat, tool, vulnerability, windowsDiese Open-Source-Tools adressieren spezifische Security-Probleme mit minimalem Footprint.Cybersicherheitsexperten verlassen sich in diversen Bereichen auf Open-Source-Lösungen nicht zuletzt weil diese im Regelfall von einer lebendigen und nutzwertigen Community gestützt werden. Aber auch weil es inzwischen Hunderte qualitativ hochwertiger, quelloffener Optionen gibt, um Breaches und Datenlecks auf allen Ebenen des Unternehmens-Stacks zu verhindern.Falls Sie nun gedanklich bereits…
-
Microsoft’s September Security Update High-Risk Vulnerability Notice for Multiple Products
Overview On September 10, NSFOCUS CERT detected that Microsoft released the September Security Update patch, fixing 86 security issues involving widely used products such as Windows, Microsoft Office, Azure, and Microsoft SQL Server, including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this month,…The…
-
We’ve crossed the security singularity – Impart Security
Tags: access, ai, api, attack, authentication, breach, ciso, compliance, credentials, cyber, cyberattack, cybersecurity, data, data-breach, defense, detection, exploit, framework, group, hacker, incident response, injection, intelligence, Internet, msp, password, penetration-testing, ransomware, risk, risk-assessment, skills, software, sql, strategy, supply-chain, threat, update, vulnerability, zero-day, zero-trustThe Bottom Line: We’ve Crossed the Security Singularity “ The Security Singularity: When AI Democratized Cyberattacks We’ve crossed a threshold that fundamentally changes cybersecurity forever. Not with fanfare or headlines, but quietly, in the background of our AI-powered world. The expertise barrier that once separated script kiddies from sophisticated threat actors has simply… vanished. I…
-
Microsoft Patch Tuesday security updates for September 2025 fixed two zero-day flaws
Microsoft Patch Tuesday security updates for September 2025 fixed 80 vulnerabilities, including two publicly disclosed zero-day flaws. Microsoft Patch Tuesday security updates for September 2025 addressed 80 vulnerabilities in Windows and Windows Components, Office and Office Components, Microsoft Edge (Chromium-based), Azure, Hyper-V, SQL Server, Defender Firewall Service, and Xbox (yup Xbox!). Eight of the […]…