Threat Actors Exploit MS SQL Servers to Deploy FreeWorld Ransomware

Sep 4, 2023

A campaign named DB#JAMMER is utilizing poorly secured MS SQL servers to distribute Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix revealed that the attackers gain initial access by brute-forcing the MS SQL server, followed by reconnaissance, system firewall impairment, and establishing persistence. 

Get Free Report & Network Analysis

Please check your email for the free report.