Microsoft security researchers recently identified a campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance. This attack technique demonstrates an approach we’ve seen in other cloud services such as VMs and Kubernetes cluster, but not in SQL Server. The attackers initially exploited a SQL injection vulnerability in an application within the target
![Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement | Microsoft Security Blog](https://cdn-ak-scissors.b.st-hatena.com/image/square/64696240b2ce6cc0ed68132e133e692636cc63cb/height=288;version=1;width=512/https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fsecurity%2Fblog%2Fwp-content%2Fuploads%2F2023%2F10%2FMDC23_DatacenterHotaisle_007-scaled.jpg)