#Ransomware: Cyberangriffe auf #MSSQL-Datenbanken | Security https://www.heise.de/news/Ransomware-Cyberangriffe-auf-MSSQL-Datenbanken-9293829.html #Malware #Freeworld

FreeWorld hört sich ja gut an, ist aber mindestens Ransomware. Angegriffen werden mittels BruteForce erreichbare Microsoft-SQL-Server.
Mehr hier: https://www.securonix.com/blog/securonix-threat-labs-security-advisory-threat-actors-target-mssql-servers-in-dbjammer-to-deliver-freeworld-ransomware/

#Ransomware #FreeWorld #Microsoft #MSSQL #Server

Ritorno alle password! La campagna DB#Jammer sfrutta MS-SQL per lanciare il ransomware

I #criminali #informatici utilizzano server #Microsoft SQL (#MSSQL) vulnerabili per diffondere il #ransomware. Lo riferiscono i ricercatori di Securonix, che hanno dato a questa campagna dannosa il nome in codice “DB#Jammer”.

Condividi questo post se hai trovato la news interessante.

#redhotcyber #online #it #web #ai #hacking #privacy #cybersecurity #cybercrime #intelligence #intelligenzaartificiale #informationsecurity #ethicalhacking #dataprotection #cybersecurityawareness #cybersecuritytraining #cybersecuritynews #infosecurity

https://www.redhotcyber.com/post/ritorno-alle-password-la-campagna-dbjammer-sfrutta-ms-sql-per-lanciare-il-ransomware/

I have an sql server express(2019) locally installed. On it i have a database with a tiny stored procedure. I'm trying to connect to this database via spring boot and execute this procedure. But i always get an sql exception that the procedure could not be found. Has anyone come across this problem?

Code for the procedure:
https://pastebin.com/X0n4W7gE

Springboot Controller Method:
https://pastebin.com/jWEd2QHB

Testcall via powershell: https://pastebin.com/fcxvfC8Z

#java #springboot #mssql #springjdbc

The latest release of PSBlitz:
- has been updated with the latest sp_Blitz, sp_BlitzCache, sp_BlitzFirst, sp_BlitzIndex, sp_BlitzLock, and sp_BlitzWho, from Brent Ozar's August release of the First Responder Kit
- outputs execution plans for queries involved in deadlocks if they are still in the cache.
- adds a new report page containing deadlock-related execution plan info

https://github.com/VladDBA/PSBlitz

#sqlserver #sqldba #powershell #microsoftsqlserver #mssqlserver #mssql #mssqldba #PSBlitz

This is just a brief post containing a script to get table sizes in SQL Server, along with some other information like table type, number of records, partition count, compression type, number of nonclustered indexes and their total size.

https://vladdba.com/2023/08/24/script-to-get-table-sizes-in-sql-server/

#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba #dba #tsql

In this post I’ll cover ways of speeding up SELECT COUNT as well as some myths about best practices when it comes to SELECT COUNT.

https://vladdba.com/2023/08/21/speeding-up-select-count-in-sql-server/

#sqlserver #sqldba #microsoftsqlserver #mssqlserver #mssql #mssqldba

I know my Dunning Kruger effect is high on this. But why hasnt someone built a MSSQL to PGSQL so you could replace MSSQL with PGSQL and client apps would be none the wiser. (im talking basic queries, not all features) #dev #mssql #pgsql

How do I install MSSQL Server on Ubuntu #mssql

https://askubuntu.com/q/1482802/612

Am I the only one to really prefer #sqlserver #mssql compared to #postgresql and #mysql ? 😆

I love the features, quality of the tooling and backup management.

Just a shame than this one is not open source, and still waiting for ARM support (until that there is Azure SQL edge that is kind of equivalent).

And you what is your favorite and why ?

#developer #sre #devops #dba #database #dotnet #python

The latest release of PSBlitz:
- returns info about opened transactions (including those belonging to sleeping sessions)
- has been updated with Brent Ozar's June release of the First Responder Kit
- adds comment-based help info
- lets you know when checks returned no records
- includes other bug fixes and minor improvements
#sqlserver #sqldba #powershell #microsoftsqlserver #mssqlserver #mssql #mssqldba #PSBlitz
https://github.com/VladDBA/PSBlitz

In this post I'll cover a quick way to get access to SQL Server when you don't have a login and don't know the password for the SA account.
This is perfect for when you "inherit" an instance from another team.
https://vladdba.com/2023/08/07/get-access-to-sql-server-when-you-dont-have-the-sa-password/

#sqlserver #dba #mssqlserver #mssql #sqlserverdba #powershell

This is a brief post about how to fix "The certificate chain was issued by an authority that is not trusted" error when using @dbatools

https://vladdba.com/2023/07/29/fix-certificate-authority-that-is-not-trusted-when-using-dbatools

#sqlserver #dba #mssqlserver #mssql #sqlserverdba #powershell #dbatools

Question for #MSSQL people.

Should you write
(a) ISNULL(SUM([x]),0) or
(b) SUM(ISNULL([x],0))

Or are they equivalent in all cases? Came across an old post on stackoverflow today that said (b) was incorrect (which I had used previously) but trying both on several queries they both returned the same result.

In this post I'm covering the risks brought on by not securing SQL Server's service account and setting it to run under a privileged account, and demo how an attacker can leverage it to gain access to the instance's host.
It was fun using Burp Suite Pro to demo data exfiltration through HTTP, as well as HoaxShell to demo initiating a reverse shell connection, all from SQL Server.

https://vladdba.com/2023/07/24/securing-sql-servers-service-account/

#sqlserver #dba #mssqlserver #mssql #sqlserverdba #windows #security #hoaxshell #burpsuite

Kennt jemand eine Firma oder Freelancer der #MSSQL Expert:in ist? Wir suchen da jemand der für uns mal Dinge überprüft.

When using #MSSQL databases, the Microsoft #sqlserver and its database(s) should be properly monitored. Consol Labs' free check_mssql_health #monitoring plugin does this job perfectly.

In my newest #blog article a particular MSSQL #database ran into a "available free space" warning. Here's how to manually increase the database size using Microsoft SQL Server Management Studio (SSMS). 👇

https://www.claudiokuenzler.com/blog/1328/mssql-available-space-alert-manually-grow-database-file-ssms

In this post I address improper configurations and their impact, as well as recommendations for securing SQL Server linked servers.

https://vladdba.com/2023/07/10/securing-sql-server-linked-servers

#sqlserver #dba #mssqlserver #mssql #sqlserverdba #windows #security

For those of you working with #Microsoft #Dynamics how can I go about this ?

#Help #msdynamics #Navision #sql #mssql

In this post I cover two ways of properly securing xp_cmdshell in SQL Server 2022 to avoid unrestricted access to the underlying Windows OS.
#sqlserver #dba #mssqlserver #mssql #sqlserverdba #windows
https://vladdba.com/2023/06/29/securing-xp_cmdshell-in-sql-server-2022