Categories
Security

SamSam ransomware

ZDNet has reported a ransomware attack named “SamSam” which is believed to be using RDP (Remote Desktop Protocol) to attack servers.  Once a server is breached, it attempts to spread throughout connected servers.  Cisco’s security intelligence team Talos notes that the attacks seem to be tied to the same BitCoin wallet and has more details about the how the ransomware encrypts and decrypts files.  Several businesses, including some U.S. hospitals, have had their files locked by this ransomware according to BleepingComputer.com.