A type of ransomware called Samsam has been infecting organizations but is not installed in the usual way. The perpetrators use a legitimate penetration tool called Jexboss to exploit servers running Red Hat’s JBoss application server. It means that attackers are more directly targeting businesses and organizations to install their malware. Samsam is another variant in a growing number of variants of ransomware, but what sets it apart from other ransomware is how it reaches its intended targets by way of unpatched server-side software.”]
Source: https://www.csoonline.com/article/3052244/server-software-poses-soft-target-for-ransomware.html