{"id":52325,"date":"2023-06-13T20:52:08","date_gmt":"2023-06-13T20:52:08","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/34718\/MSSQL-Makes-Up-93-Of-All-Activity-On-Honeypots-Across-10-DBs.html"},"modified":"2023-06-13T20:52:08","modified_gmt":"2023-06-13T20:52:08","slug":"mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/","title":{"rendered":"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs"},"content":{"rendered":"<p>Honeypots focused on tracking activity on database servers based in Russia, Ukraine, Poland, the UK, China, and the U.S. found that Microsoft SQL (MSSQL) made up 93% of all attack activity.<\/p>\n<p>In a <a rel=\"noreferrer noopener\" href=\"https:\/\/www.trustwave.com\/en-us\/resources\/blogs\/spiderlabs-blog\/honeypot-recon-global-database-threat-landscape\/\" target=\"_blank\">blog post June 13<\/a>, Trustwave\u2019s SpiderLabs said its study shows that security teams have to take database security very seriously.<\/p>\n<p>\u201cThis means using strong, unique passwords and unusual usernames, using strong and secure authentication, disabling default accounts and enabling multi-factor authentication,\u201d said the researchers<\/p>\n<p>The SpiderLabs researchers said security teams should also keep a close eye on who\u2019s trying to access the system and with which privileges, as well as keeping software up to date and to conduct frequent security audits. They added that the lopsided results around MSSQL convinced them to do another study around MSSQL that will come out later this month.<\/p>\n<p>While the UK had the most MSSQL attacks (21.84%), China (21.49%) was a close second followed by Ukraine (19.52%), Russia (17.54%), Poland (11.54%), and the United States (8.08%). The attacks carried out against MSSQL instances were very intense. According to Shodan, there are over 450,000 MSSQL instances available on the internet with more than 133,000 instances located in China.<\/p>\n<figure><img alt srcset=\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=750&amp;q=75 1x, https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75 2x\" src=\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75\" width=\"697\" height=\"418\" decoding=\"async\" data-nimg=\"1\" class=\"MediaItem_img__WJ8V4\" loading=\"lazy\"><figcaption>Source: Trustwave SpiderLabs<\/figcaption><\/figure>\n<p>SpiderLabs said it\u2019s possible the UK and <a href=\"https:\/\/www.scmagazine.com\/news\/threat-intelligence\/china-linked-apt-south-china-sea-tensions\" target=\"_blank\" rel=\"noreferrer noopener\">China<\/a> had so many attacks because they are a global communications hub for many industries and corporations. On the other hand, sensors in <a href=\"https:\/\/www.scmagazine.com\/feature\/critical-infrastructure\/the-russia-ukraine-war-is-causing-some-to-rethink-the-role-of-offensive-cyber-operations-in-armed-conflict\" target=\"_blank\" rel=\"noreferrer noopener\">Ukraine and Russia<\/a> (the center of the most recent hostilities) have also had a very difficult time with somewhat similar scores.<\/p>\n<p>The researchers were somewhat surprised by the high attack activity recorded on the tcp\/6379 port for the Redis database. Redis, the second most attacked database, was launched in 2009, but it\u2019s becoming more popular at companies and also among attackers. According to Shodan, Redis instances are above 270,000, while instances with open port 6379\/tcp are above 600,000 \u2014 so it makes sense this database has become attractive to attackers.<\/p>\n<p>Along with MSSQL and Redis, SpiderLabs set sensors on the following other databases:&nbsp;MySQL, MongoDB, PostgreSQL, Oracle DB, IBM DB2 (Unix\/Win), Cassandra, and Couchbase. The database servers were listening on their default TCP ports.<\/p>\n<p>Setting up such honeypots have become a vital piece of defense intelligence when leveraged correctly and objectively analyzed, said Andrew Barratt, vice president at Coalfire. Barratt said security teams can use this data to offer proof of the ongoing hostility on the internet.&nbsp;<\/p>\n<p>\u201cOften the question of \u2018does this really happen\u2019 comes up from executive leaders, and honeypots provide some interesting insights into tactics being deployed that can make the need for cyber defense budgets more real,\u201d said Barratt.<\/p>\n<p>Joseph Carson, chief security scientist and Advisory CISO at Delinea, said the latest blog from Trustwave highlights where cybercriminals have more automation and experience with different types of databases.&nbsp;Carson said attackers tend to try and automate as many known exploits as possible and credential-based attacks so when new databases appear on the public internet the automated bots focus and attack them with increased intensity.&nbsp;<\/p>\n<p>\u201cLess common databases tend to be less targeted, but the attackers who have more experience and get hands on will likely have more success,\u201d said Carson. \u201cSo it comes as no surprise that MSSQL is a top target due to its common usage, however, the hope is that the best security practices are in place such as multi-factor authentication, strong privileged access controls and patch management to ensure that all known and common vulnerabilities are patched.\u201d<\/p>\n<p>READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/34718\/MSSQL-Makes-Up-93-Of-All-Activity-On-Honeypots-Across-10-DBs.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[60],"tags":[10555],"class_list":["post-52325","post","type-post","status-publish","format-standard","hentry","category-packet-storm","tag-headlinehackermicrosoftdatabaseflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v28.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-13T20:52:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs\",\"datePublished\":\"2023-06-13T20:52:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/\"},\"wordCount\":582,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.scmagazine.com\\\/_next\\\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75\",\"keywords\":[\"headline,hacker,microsoft,database,flaw\"],\"articleSection\":[\"Packet Storm\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/\",\"name\":\"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.scmagazine.com\\\/_next\\\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75\",\"datePublished\":\"2023-06-13T20:52:08+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.scmagazine.com\\\/_next\\\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75\",\"contentUrl\":\"https:\\\/\\\/www.scmagazine.com\\\/_next\\\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,microsoft,database,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermicrosoftdatabaseflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/","og_locale":"en_US","og_type":"article","og_title":"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-06-13T20:52:08+00:00","og_image":[{"url":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs","datePublished":"2023-06-13T20:52:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/"},"wordCount":582,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75","keywords":["headline,hacker,microsoft,database,flaw"],"articleSection":["Packet Storm"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/","url":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/","name":"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75","datePublished":"2023-06-13T20:52:08+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/#primaryimage","url":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75","contentUrl":"https:\/\/www.scmagazine.com\/_next\/image?url=https%3A%2F%2Ffiles.scmagazine.com%2Fwp-content%2Fuploads%2F2023%2F06%2F0613_spider_labs_graph.jpg&amp;w=1920&amp;q=75"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/mssql-makes-up-93-of-all-activity-on-honeypots-across-10-dbs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,microsoft,database,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermicrosoftdatabaseflaw\/"},{"@type":"ListItem","position":3,"name":"MSSQL Makes Up 93% Of All Activity On Honeypots Across 10 DBs"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52325","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=52325"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/52325\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=52325"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=52325"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=52325"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}