Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.

Trainings

We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert level we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Be Alert Server Admins! JBOSS Backdoor ahead!

 

 

According to a report published by Security Researchers of CISCO, more than 3 million servers are vulnerable to a major  JBOSS Backdoor. Security Researchers said that the main reason behind this is the use of outdated and vulnerable softwares on the servers. A special test strategy was made by researchers to find out those servers which are allowing hackers for Samsam Ransomware attacks. Hackers are using JBOSS named Backdoor to make changes into the program files of servers for encryption attacks.

 

What hackers could do?

By exploiting these major vulnerabilities, hackers could do Ransomware attacks. Samsam ransomware is the most compatible ransomware with JBOSS backdoor. Security Researchers of CISCO were already familiar with this Backdoor and Ransomware, so they took a few seconds to understand the risk of these vulnerabilities. During their research, the first vulnerability which they had found was related to JBOSS backdoor. After that they went deeper for more good results and at the end they found 3 million infected servers.

 

How Researchers came to know about it?

Researchers were investigating some systems which were infected with this JBOSS backdoor. Initially, the test had been performed by researchers on more than two thousand infected systems. All these servers were handling websites of schools, Government Organisations and many companies. Security Researchers found some shells, which were uploaded by the hackers on the web servers. All the infected servers were using some softwares which were outdated. Follett “Destiny” is the most infected software.

 

Some Security Tips for Server Admins

  • Disable external access to the server. This will protect you from Remote Hacks.
  • Install Security Updates for all the softwares , which you are using.
  • Make a backup file of the whole server and upload it on a new non vulnerable server.

 

Conclusion

This vulnerability has been fixed by the companies, by releasing security updates for their softwares. If you are also using Follett Destiny, update it immediately. This is the software which is mostly used by the schools and universities for maintaining "Library Management System."

 

Also Read: Beware VMware users! Hackers Could Hijack Your Web Session!

Leave a Reply

Name
Email id
Contact No
Comment

See more of Cyber Intelligence by logging in.
Connect with cyber security experts,Discover job opportunities,Online Training, Information Security Advisory and lot more.