Blog Post

Should I Be Worried About skip-2.0?

,

A new piece of malware which hooks into SQL Server, skip-2.0, has been making the tech media rounds. If you’ve not read about it yet or you’re looking for more details, I’ve written a quick article discussing the finer details:

Skip-2.0 Malware Impacts SQL Server – Should I Be Worried?

The big takeaway I’ve been telling folks who have asked about it: skip-2.0 can only be deployed successfully *AFTER* the adversary has administrative rights to the OS. Therefore, it’s not a new way of getting in. It’s a way to maintain access and cover tracks. The real concern is how the adversary can get in. That’s not a SQL Server problem. That’s an OS and account management one.

 

Original post (opens in new tab)
View comments in original post (opens in new tab)

Rate

You rated this post out of 5. Change rating

Share

Share

Rate

You rated this post out of 5. Change rating