[keycloak-user] Jboss vulnerability

Ben Bazian bbazian at mbopartners.com
Tue Apr 19 08:33:50 EDT 2016


Is Keycloak 1.8 susceptible to this vulnerability?

Cisco Talos has identified millions of vulnerable JBoss servers that can potentially be infected with SamSam ransomware.
Attackers used a JBoss-specific exploit called JexBoss -- a JBoss verification and exploitation tool -- to compromise vulnerable servers and then install webshells and backdoors for remote access. Cisco Talos researchers found that compromised JBoss servers typically have more than one webshell installed, suggesting that the systems have been repeatedly compromised by different actors. The list of webshells includes mela, shellinvoker, jbossinvoker, zecmd, cmd, genesis, sh3ll, and jbot.

http://www.infoworld.com/article/3058254/security/patch-jboss-now-to-prevent-samsam-ransomware-attacks.html


__________________________
BEN BAZIAN
Director, Information Systems
MBO Partners

t: 703.793.6010
f: 703.793.6079
e: bbazian at mbopartners.com
w: mbopartners.com
s: Twitter<http://www.twitter.com/mbopartners> | Linkedin<https://www.linkedin.com/company/mbo-partners> | Facebook<https://www.facebook.com/mbopartners>

