Is Keycloak 1.8 susceptible to this vulnerability?
Cisco Talos has identified millions of vulnerable JBoss servers that can potentially be
infected with SamSam ransomware
Attackers used a JBoss-specific exploit called JexBoss -- a Jboss verification and
exploitation tool -- to compromise vulnerable servers and then install webshells and
backdoors for remote access. Cisco Talos researchers found that compromised JBoss servers
typically have more than one webshell installed, suggesting that the systems have been
repeatedly compromised by different actors. The list of webshells include mela,
shellinvoker, jbossinvoker, zecmd, cmd, genesis, sh3ll, and jbot.
http://www.infoworld.com/article/3058254/security/patch-jboss-now-to-prev...
__________________________
BEN BAZIAN
Director, Information Systems
MBO Partners
[cid:image001.png@01D057F2.BE72C880]
t: 703.793.6010
f: 703.793.6079
e: bbazian(a)mbopartners.com
w:
mbopartners.com
s:
Twitter<http://www.twitter.com/mbopartners> |
Linkedin<https://www.linkedin.com/company/mbo-partners> |
Facebook<https://www.facebook.com/mbopartners>
Notice: This email and any files transmitted with it are confidential. They are intended
solely for the use of the individual addressed. If you have received this email in error
please notify postmaster@mbopartners.com<mailto:postmaster@mbopartners.com> and
permanently delete the e-mail and files.