Blog

 Secure Your SQL Server To Avoid This Malware Infection

Apr 2, 2022 | Blog

Do you rely on Microsoft SQL and MySQL databases?  If so, be advised that the cybersecurity firm AhnLab recently published a report about a newly emerging threat.

It seems that hackers are now targeting poorly secured Microsoft SQL and MySQLdatabases with a malware strain known as GhostCringe.

If you’re not familiar with it, GhostCringe is also known as CirenegRAT. It is a variant of the GhostRAT malware made famous by the Chinese government in a series of attacks in 2020, but dating back to 2018.

Of interest, it seems that the threat actors behind the GhostCringe attack aren’t alone.  A forensic analysis of compromised servers indicates that several other malware strains were present. That suggests that competing gangs of hackers were all competing to break into the same databases as part of their own campaigns.

As malware strains go, GhostCringe isn’t the worst or most destructive we’ve seen, but it does make rather aggressive use of its keylogging function. So once any passwords you enter on the system have been compromised, they will be fed directly to the hackers who control the code and that could expose you to a whole world of pain.

This is a genuine threat that should be taken seriously.  The first step in terms of taking it seriously is to make sure your server software is up to date with the latest security patches applied.  In addition to that, please do not make the mistake of either not setting an administrator password or setting one that is weak and easily guessed.

Those are rookie mistakes that are easy to avoid, and you don’t want to be the business owner who lost tens of thousands of dollars to a mistake like that.

Finally, be relentless in terms of monitoring all activity on your server including suspicious “reconnaissance” activity which could be a harbinger of things to come.

FBI Program Tasked with Infrastructure Security Compromised

FBI Program Tasked with Infrastructure Security Compromised

The FBI program tasked with ensuring critical infrastructure security has been compromised by hackers, who now offer access to the program's data on the dark web. The breach was initially disclosed by Brian Krebs of Krebs on Security, who claims that the data was for...

Streamline Your Business with the Latest Smart Home Technology

Streamline Your Business with the Latest Smart Home Technology

Are you a business owner looking to get the most out of your Google smart home devices? If so, you're in luck! Google has enabled its Nest products and Android OS with the initial rollout of the Matter smart home standard. This means that businesses now have the...

Data Breach at Sequoia One Exposes Sensitive Customer Information

Data Breach at Sequoia One Exposes Sensitive Customer Information

What do you do when your most personal information has been compromised? This is likely the question that customers of Sequoia One asked themselves earlier this month as they were informed that the company had been hacked. Sequoia One specializes in the management of...

Cisco Reports Critical IP Phone Vulnerability

Cisco Reports Critical IP Phone Vulnerability

As a business owner, it's important to stay informed about potential vulnerabilities that could impact your organization. Recently, Cisco reported a critical vulnerability, tracked as CVE-2022-20968, affecting its IP Phone 7800 and 8800 Series. This new vulnerability...

Google Chrome Releases Two New Features

Google Chrome Releases Two New Features

Google Chrome is one of the more commonly used web browsers. Over the years, though, Chrome has gained a reputation for utilizing a large portion of a computer's memory. This can be a problem if you're running other resource-intensive tasks and don't want to slow...

Get a Free Consultation

 

Fill out the form below to receive a free consultation and learn how we can make your technology worry-free!

 

Contact Information

  • 39301 Badger Street, Suite 500
    Palm Desert, CA 9221
  • (760) 333-8523
  • info@icn.tech