"Threat Actors Exploiting Red Team Tool JexBoss"

A US-CERT alert has been issued by DHS' National Cybersecurity and Communications Integration Center (NCCIC) pertaining to the abuse of a red team tool by attackers, called JexBoss (JBoss Verify and EXploitation). Attackers are testing and exploiting vulnerabilities contained by different Java applications and platforms through the use of JexBoss. This article continues to discuss the exploitation of JexBoss by malicious actors, along with detection and mitigation recommendations. 

Infosecurity Magazine reports "Threat Actors Exploiting Red Team Tool JexBoss"