Adversaries are capitalizing on inadequately protected Microsoft SQL (MS SQL) servers in an operation known as DB#JAMMER, deploying both Cobalt Strike and a ransomware strain named FreeWorld, which appears to be a more recent iteration of the Mimic ransomware.
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
Get through updates and upcoming events, and more directly in your inbox