No. From the same link you sent:
"The vulnerability is more than six years old and Red Hat patched the
flaw back in 2010."
I read somewhere else that this affected JBoss AS up to 6.x. Keycloak is
deployed on a recent version of WildFly, so, no, Keycloak is not affected.
- Juca.
On 19.04.2016 14:33, Ben Bazian wrote:
Is Keycloak 1.8 susceptible to this vulnerability?
Cisco Talos has identified millions of vulnerable JBoss servers that can
potentially be infected with SamSam ransomware
Attackers used a JBoss-specific exploit called JexBoss -- a JBoss
verification and exploitation tool -- to compromise vulnerable servers
and then install webshells and backdoors for remote access. Cisco Talos
researchers found that compromised JBoss servers typically have more
than one webshell installed, suggesting that the systems have been
repeatedly compromised by different actors. The list of webshells
includes mela, shellinvoker, jbossinvoker, zecmd, cmd, genesis, sh3ll,
and jbot.
http://www.infoworld.com/article/3058254/security/patch-jboss-now-to-prev...
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user