Over the last few weeks reports of crypto-ransomware have been circulated on the Internet and in the Press. While public details are sparse and victims are hesitant to share details, Red Hat is aware that older, un-patched versions of JBoss have been linked to several cases. The main flaw seen used has been CVE-2010-0738. Unsecured consoles appear to have been the main culprit of allowing attackers into internal networks using the JexBoss testing tool. Red Hat JBoss Enterprise Application Platform...
Article
