Regístrese ahora para una mejor cotización personalizada!
Cisco Talos is currently observing a widespread campaign leveraging the Samas/Samsam/MSIL.B/C ransomware variant. Unlike most ransomware, SamSam is not launched via user focused attack vectors, such as phishing campaigns and exploit kits. This particular family seems to be distributed via compromising servers and using them as a foothold to move laterally through the network to compromise additional machines which are then held for ransom. A particular focus appears to have been placed on the healthcare industry.
Adversaries have been seen leveraging JexBoss, an open source tool for testing and exploiting JBoss application servers, to gain a foothold in the network. Once they have access to the network they proceed to encrypt multiple Windows systems using SamSam.
Upon compromising the system the sample will launch a samsam.exe process which begins the process of encrypting files on the system.
Read more >>
Etiquetas calientes:
Cisco Talos
Talos
Ransomware
Threat Research
Samsam
Regístrepor correo electrónico ahora para acciones semanales de promoción
100% free, Unsubscribe any time!
Add 1: Room 605 6/F FA YUEN Commercial Building, 75-77 FA YUEN Street, Mongkok KL, HongKong Add 2: Room 405, Building E, MeiDu Building, Gong Shu District, Hangzhou City, Zhejiang Province, China
Whatsapp/Tel: +8618057156223 Tel: 0086 571 86729517 Tel en Hong Kong: 00852 66181601
Correo electrónico: [email protected]
English
Pусский
Français
Español
Português
