
SQL Monitor Security Vulnerability

We received an email today regarding a security vulnerability in SQL Monitor.  Based on the email design, it looks like a phishing attempt.  If this does exist, can someone point me towards documentation on the issue?
jstrate
0

Comments

16 comments

  • webpursuits
    I received the same...legit?
    webpursuits
    0
  • jeffchirco
    I received as well and I agree the email looks like a phishing attempt.  I forwarded it to my rep. Glad I wasn't the only one to think this.
    jeffchirco
    0
  • RavishingR
    After looking around I followed the link to here: 
    https://www.red-gate.com/products/dba/sql-monitor/entrypage/security-vulnerability-october-2018?_hsenc=p2ANqtz-97lQw3tt0suK3nMLAp3VN8zzIu5Ct1J7DDYs05efPgPd4NVY3JSuZPbj02ZVKN6D94EWGgvdIJsaRapf4T1Dp9lMqotp8yO5bWEpDt2GbGSDe4Hs4&_hsmi=66718880 
    It was definitely bad practice hiding a download link behind a sketchy looking url router like "Hub Spot Email". The email should have said to go to the website and find it yourself. 

    RavishingR
    0
  • Russell D
    The announcement is legitimate.
    Russell D
    0
  • DarienA
    Came to search for this very topic, this email looks sketchy as heck, I'll be emailing my sales rep to point out the issues with it.
    DarienA
    0
  • mikewerts
    mikewerts
    0
  • jeffchirco
    Pretty funny that the vulnerability is about being tricked into visiting a malicious link but that is exactly what the email wanted us to do.
    jeffchirco
    0
  • TMowbray
    Can someone from RG comment as this looks really odd and I have logged it with our service desk as a phishing attempt. The from is supposedly CEO Tony Payne, yet your site info has another name... I too looked at the hubspotemail as a funny address to follow, same for the link that was supposedly to your site. This needs to be officially corrected before I will believe it.

    TMowbray
    0
  • BryanEargle
    Agree it's weird, looks like the release notes now mention the security fix - guess it was added after release notes were originally posted?
    BryanEargle
    0
  • Alex B
    Hi all,

    Yes, the links are legitimate - as @Russell D above indicates - they are going through our hubspot which makes these somewhat unsavory looking links.  The links posted above are direct to the pages themselves and are where the hubspot links are directed.

    The email is from Tony Payne COO (Chief Operations Officer) which is correct; Simon Galbraith is the CEO.

    We agree that the links look extremely suspicious (especially given the circumstances) and we have fed this back to our internal teams.

    Also, the release notes have just been updated with the extra information now that the email has been released as seen above.

    My apologies for the confusion and scare!

    Kind regards,
    Alex
    Alex B
    0
  • kfrazier
    I emailed my rep last week due to receiving an email with a hubspotemail link. I think they are using hubspot as a marketing tool to track clicks. This is shady and I refuse to click on these links. I have to manually find the answers. I think it is a very poor decision on red-gate's part as everyone is getting training not to click on links like this and companies are doing tests to see who does click on links like this and sending them for training or discipline. If anybody of any power is reading this please stop; this is a very poor practice.
    kfrazier
    0
  • jeffchirco
    I agree kfrazier. We do the same training here.
    jeffchirco
    0
  • Sian
    Does anyone know in what version of SQL Monitor this security vulnerability was introduced?
    Sian
    0
  • DarienA
    This is the email I sent to my sales rep today:

    Hey William I received this email today and to my eye it looks very suspect. I did find confirmation on your website that it is legit: https://www.red-gate.com/products/dba/sql-monitor/entrypage/security-vulnerability-october-2018?_hsenc=p2ANqtz-97lQw3tt0suK3nMLAp3VN8zzIu5Ct1J7DDYs05efPgPd4NVY3JSuZPbj02ZVKN6D94EWGgvdIJsaRapf4T1Dp9lMqotp8yO5bWEpDt2GbGSDe4Hs4&_hsmi=66718880&_ga=2.130576393.783027082.1539702323-301011559.1538759718

    But let me point out some concerns:

    1. No company logos in the email
    2. Generic formatting
    3. No email disclaimers (which some companies include in their emails)
    4. None of the URLs in the email when viewed actually point back to red-gate.com.

    Now when looking at the header information it does look like this came from your email servers and I did find in your support forums conversations about the email which directed me to the above URL.

    While the below email is personalized with my name that could simply be a case of your customer db being compromised (which thankfully isn't the case here).

    I hope that you folks will give more thought into how you format these types of notifications going forward.

    DarienA
    0
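The fourth check in DarienA's list (do the email's links actually point back at the vendor's domain?) can be automated. The following is an added example, not code from the thread or from Redgate: it parses a constructed notification email, extracts every `<a href>` from the HTML body, and returns the links whose host is not under the From address's domain, which is how a tracking redirector in front of a vendor link shows up. The sender, the tracking host and the message body are all placeholders constructed for the example.

```python
# Added example (not from the thread): automates the check DarienA describes,
# whether the email's links point back at the sender's domain. The message,
# the sender and the tracking host below are constructed placeholders.
import email
from email import policy
from html.parser import HTMLParser
from urllib.parse import urlparse

SAMPLE_EMAIL = """\
From: Notifications <security@vendor.example>
Subject: Important security update
Content-Type: text/html; charset="utf-8"

<html><body>
<a href="https://t.tracker-placeholder.example/e2t/c/abc123">Read the advisory</a>
<a href="https://www.vendor.example/products/notes">Release notes</a>
</body></html>
"""


class _LinkCollector(HTMLParser):
    """Collect the href value of every <a> tag in an HTML body."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            for name, value in attrs:
                if name == "href" and value:
                    self.hrefs.append(value)


def _registrable(host):
    # Crude approximation: keep the last two labels. A real tool would
    # consult the public suffix list instead.
    return ".".join(host.lower().rstrip(".").split(".")[-2:])


def offsite_links(raw_message):
    """Return hrefs whose host is not under the From address's domain."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    sender = msg["From"].addresses[0].addr_spec
    sender_domain = _registrable(sender.rsplit("@", 1)[1])
    body = msg.get_body(preferencelist=("html",)).get_content()
    collector = _LinkCollector()
    collector.feed(body)
    return [h for h in collector.hrefs
            if _registrable(urlparse(h).hostname or "") != sender_domain]
```

A non-empty result does not prove the email is malicious (legitimate mailers route through trackers, as this thread shows), but it is exactly the signal that should send a recipient to the vendor's site by hand rather than through the link.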
  • Markus
    I upgraded to 8.0.19 late yesterday after it was confirmed that this was legit.  Running fine here.
    Markus
    0
  • Russell D
    Sian said:
    Does anyone know in what version of SQL Monitor this security vulnerability was introduced?
    Since it's been a web-app, so v1.0 of SQL Response, as it was back then.
    Russell D
    0
