Register now for better personalized quote!

Widespread JBoss Backdoors a Major Threat

Apr, 15, 2016 Hi-network.com

Recently a large scale ransomware campaign delivering Samsam changed the threat landscape for ransomware delivery. Targeting vulnerabilities in servers to spread ransomware is a new dimension to an already prolific threat. Due to information provided from our CiscoIRServices Team, stemming from a recent customer engagement, we began looking deeper into the JBoss vectors that were used as the initial point of compromise. Initially, we started scanning the internet for vulnerable machines. This lead us to approximately 3.2 million at-risk machines.

As part of this investigation, we scanned for machines that were already compromised and potentially waiting for a ransomware payload. We found approximately 2,000 machines with a backdoor already installed. Over the last few days, Talos has been in the process of notifying affected parties including: schools, governments, aviation companies, and more.  Several of these systems had one specific software solution in common.  Read the full post for details, advisories, and recommended remediation.

Read More>>


tag-icon Hot Tags : #Security Cisco Talos Talos Ransomware exploitation jboss

Copyright © 2014-2024 Hi-Network.com | HAILIAN TECHNOLOGY CO., LIMITED | All Rights Reserved.