RiskIQ Enterprise Digital Footprint Platform Enables Customers to Fight New Samsam Ransomware Malware
April 15, 2016
Ransomware malware, which encrypts your data until you pay a ransom to unlock it, is evolving into more dangerous variants. Samsam, the newest evolution, which was implicated in the infection of a hospital in Maryland, attacks organizations by compromising old or improperly configured instances of JBoss. Once it gains a foothold in your network via this compromised server, Samsam attempts to infect—and ransom—data across your company's entire network.
RiskIQ Enterprise Digital Footprint enables you to quickly discover and report on outdated frameworks in your digital footprint, regardless of where they are located on the Internet. This includes automatically identifying outdated versions of JBoss. This intelligence can also be easily exported for use by your SOC and patch management team, as well as imported into vulnerability scanners, to ensure that vulnerable systems are accurately verified and remediated.
New Insights feature in Enterprise Digital Footprint
RiskIQ's new “Insights” dashboard provides rapid visibility into web assets in your digital footprint that put your organization at risk—including legacy versions of frameworks like JBoss, the java application server targeted by Samsam. Insights also identifies targets of external threats like outdated versions of Wordpress and Drupal Content Management Systems, supposedly responsible for the recent "Panama Papers" Breach.
To leverage “Insights” and report on outdated and at-risk frameworks in your environment: