Microsoft recently observed a campaign targeting SQL servers that, like many attacks, uses brute force methods for initial compromise. What makes this campaign stand out is its use of the in-box utility sqlps.exe.

— Microsoft Threat Intelligence (@MsftSecIntel) May 17, 2022