The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) have issued an alert for SamSam ransomware to describe how hackers armed with SamSam targeted multiple industries.
A typical SamSam Ransomware attack
The actors exploit Windows servers to gain access to the network and infect all reachable hosts.
Cyber actors use Remote Desktop Protocol (RDP) to gain persistent access to victims’ networks.
Detecting RDP intrusions can be challenging because the
malware enters through an approved access point.
0