From Brute-Force to BlueSky Ransomware

Summary:

A focused campaign directed at publicly accessible MSSQL servers unfolded, entailing malicious actors’ utilization of Cobalt Strike and Tor2Mine. After gaining successful network access, the adversaries deployed the BlueSky ransomware across the entire network.

Threat Level – Amber | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.