#candc — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #candc, aggregated by home.social.
-
Q1 2026 Malware Statistics Report for Windows Database Servers
During the first quarter of 2026, Windows-based MS-SQL and MySQL database servers experienced consistent malicious attacks with a temporary decrease in February before rising again in March. The primary threat actor, Larva-26002, leveraged various utilities including BCP, curl, bitsadmin, and PowerShell to deploy a Go-based scanner called ICE Cloud, which contained Turkish language strings and C&C-based scanning capabilities. This tool attempted MS-SQL authentication using predefined credentials. Attack methods primarily consisted of brute force attacks, dictionary attacks, and exploitation of unpatched systems with misconfigured accounts stemming from inadequate account management practices.
Pulse ID: 69de00aae91f11a6bf2fbe68
Pulse Link: https://otx.alienvault.com/pulse/69de00aae91f11a6bf2fbe68
Pulse Author: AlienVault
Created: 2026-04-14 08:54:02Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BruteForce #CandC #Cloud #CyberSecurity #ICS #InfoSec #MSSQL #Malware #MySQL #OTX #OpenThreatExchange #PowerShell #RCE #SQL #Turkish #Windows #bot #AlienVault
-
Q1 2026 Malware Statistics Report for Windows Database Servers
During the first quarter of 2026, Windows-based MS-SQL and MySQL database servers experienced consistent malicious attacks with a temporary decrease in February before rising again in March. The primary threat actor, Larva-26002, leveraged various utilities including BCP, curl, bitsadmin, and PowerShell to deploy a Go-based scanner called ICE Cloud, which contained Turkish language strings and C&C-based scanning capabilities. This tool attempted MS-SQL authentication using predefined credentials. Attack methods primarily consisted of brute force attacks, dictionary attacks, and exploitation of unpatched systems with misconfigured accounts stemming from inadequate account management practices.
Pulse ID: 69de00aae91f11a6bf2fbe68
Pulse Link: https://otx.alienvault.com/pulse/69de00aae91f11a6bf2fbe68
Pulse Author: AlienVault
Created: 2026-04-14 08:54:02Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BruteForce #CandC #Cloud #CyberSecurity #ICS #InfoSec #MSSQL #Malware #MySQL #OTX #OpenThreatExchange #PowerShell #RCE #SQL #Turkish #Windows #bot #AlienVault
-
Q1 2026 Malware Statistics Report for Windows Database Servers
During the first quarter of 2026, Windows-based MS-SQL and MySQL database servers experienced consistent malicious attacks with a temporary decrease in February before rising again in March. The primary threat actor, Larva-26002, leveraged various utilities including BCP, curl, bitsadmin, and PowerShell to deploy a Go-based scanner called ICE Cloud, which contained Turkish language strings and C&C-based scanning capabilities. This tool attempted MS-SQL authentication using predefined credentials. Attack methods primarily consisted of brute force attacks, dictionary attacks, and exploitation of unpatched systems with misconfigured accounts stemming from inadequate account management practices.
Pulse ID: 69de00aae91f11a6bf2fbe68
Pulse Link: https://otx.alienvault.com/pulse/69de00aae91f11a6bf2fbe68
Pulse Author: AlienVault
Created: 2026-04-14 08:54:02Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BruteForce #CandC #Cloud #CyberSecurity #ICS #InfoSec #MSSQL #Malware #MySQL #OTX #OpenThreatExchange #PowerShell #RCE #SQL #Turkish #Windows #bot #AlienVault
-
Q1 2026 Malware Statistics Report for Windows Database Servers
During the first quarter of 2026, Windows-based MS-SQL and MySQL database servers experienced consistent malicious attacks with a temporary decrease in February before rising again in March. The primary threat actor, Larva-26002, leveraged various utilities including BCP, curl, bitsadmin, and PowerShell to deploy a Go-based scanner called ICE Cloud, which contained Turkish language strings and C&C-based scanning capabilities. This tool attempted MS-SQL authentication using predefined credentials. Attack methods primarily consisted of brute force attacks, dictionary attacks, and exploitation of unpatched systems with misconfigured accounts stemming from inadequate account management practices.
Pulse ID: 69de00aae91f11a6bf2fbe68
Pulse Link: https://otx.alienvault.com/pulse/69de00aae91f11a6bf2fbe68
Pulse Author: AlienVault
Created: 2026-04-14 08:54:02Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BruteForce #CandC #Cloud #CyberSecurity #ICS #InfoSec #MSSQL #Malware #MySQL #OTX #OpenThreatExchange #PowerShell #RCE #SQL #Turkish #Windows #bot #AlienVault
-
Q1 2026 Malware Statistics Report for Windows Database Servers
During the first quarter of 2026, Windows-based MS-SQL and MySQL database servers experienced consistent malicious attacks with a temporary decrease in February before rising again in March. The primary threat actor, Larva-26002, leveraged various utilities including BCP, curl, bitsadmin, and PowerShell to deploy a Go-based scanner called ICE Cloud, which contained Turkish language strings and C&C-based scanning capabilities. This tool attempted MS-SQL authentication using predefined credentials. Attack methods primarily consisted of brute force attacks, dictionary attacks, and exploitation of unpatched systems with misconfigured accounts stemming from inadequate account management practices.
Pulse ID: 69de00aae91f11a6bf2fbe68
Pulse Link: https://otx.alienvault.com/pulse/69de00aae91f11a6bf2fbe68
Pulse Author: AlienVault
Created: 2026-04-14 08:54:02Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BruteForce #CandC #Cloud #CyberSecurity #ICS #InfoSec #MSSQL #Malware #MySQL #OTX #OpenThreatExchange #PowerShell #RCE #SQL #Turkish #Windows #bot #AlienVault