A cyberattack campaign has been discovered compromising exposed Microsoft SQL Server (MSSQL) databases, using brute-force attacks to deliver ransomware and Cobalt Strike payloads. According to an investigation by Securonix, the typical attack sequence observed for this campaign begins with brute forcing access into the exposed MSSQL databases.

Source: Dark Reading: Cloud