3.2 Million Machines Found Vulnerable to Ransomware Campaign by David Bisson
From the post:
Researchers have found 3.2 million machines that are vulnerable of being targeted in a ransomware campaign.
According to a post published by the Cisco Talos Security Intelligence and Research Group, attackers can leverage vulnerabilities found in WildFly, an application server that also goes by the name JBoss, as an initial point of compromise to target upwards of 3.2 million machines.
Once they have established a foothold, bad actors can download malware onto the compromised machines and move laterally across the network to infect other computers.
Such was the case in a recent Samsam ransomware campaign, where attackers used a tool known as “JexBoss” to exploit JBoss application servers.
Further investigation by the Cisco Talos research team has uncovered 2,100 JBoss backdoors that have already been installed on 1,600 unique IP addresses.
…
There are far more than 3.2 million systems vulnerable to ransomware campaigns but here you have the advantage of targeting information and good odds of finding one of those targets.
Not that I advocate the use of ransomware but increases in cyberattacks drives the need for better information management of hacking information for “white,” “gray,” and “black” hats alike.
Or as they say:
It’s an ill wind indeed that doesn’t blow anyone good.
Ask yourself how much prose do you have to sift every day, day in, day out, just to remain partially current on security issues?
No, I’m not interested in fostering yet another meta-collection, rather a view into all existing collections, meta or not. Build upon what already exists and is useful.
Interested?
PS: I’m not concerned with your hat color. That’s between you and your local law enforcement officials.