Wednesday, December 13, 2017
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Toshiba and Western Digital Reach Settlement, Agree to Strengthen Flash Memory Collaboration
Twitter Makes It Easier For Users to Create Threads
Tsinghua to Invest in China-based Lite-On Storage Plant
Facebook to Book Advertising Revenue Locally Following Pressure
New Radeon Software Adrenalin Edition Provides Amped-Up Connected Gaming
Nintendo Says Switch Sells 10 Million Worldwide
Toshiba Unveils Embedded NAND Flash Memory Products for Automotive Applications
FCC to Hand Over Internet Oversight to FTC
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Unpatch...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, September 14, 2017
Unpatched Software Led to Massive Equifax Breach


The Equifax breach that exposed sensitive data for as many as 143 million US consumers was accomplished by exploiting a Web application vulnerability, company officials said Thursday.

"Equifax has been intensely investigating the scope of the intrusion with the assistance of a leading, independent cybersecurity firm to determine what information was accessed and who has been impacted," company officials wrote in an update posted online. "We know that criminals exploited a US website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638. We continue to work with law enforcement as part of our criminal investigation, and have shared indicators of compromise with law enforcement."

The flaw in the Apache Struts framework was fixed on March 6. Three days later, the bug was already under mass attack by hackers who were exploiting the flaw to install rogue applications on web servers.

The disclosure suggests that Equifax failed to update its Web applications, despite demonstrable proof the bug gave real-world attackers an easy way to take control of sensitive sites.

Equifax Chief Executive Richard Smith is expected to testify before a U.S. House of Representatives panel on Oct. 3 after nearly 40 states joined a probe of the company's handling of the breach.

The Federal Trade Commission on Thursday said it has opened an investigation into the data breach at Equifax.

Apache Struts is a framework for developing Java-based apps that run both front-end and back-end Web servers. It's relied on heavily by banks, government agencies, large Internet companies, and Fortune 500 companies.



Previous
Next
Apple Explains the 'Failed' Face ID Demo on iPhone X event        All News        Samsung to Create US$300 Million Fund for Auto-related Technologies
Apple Could be Behind Toshiba's MoU With Bain Capital's Consortium     General Computing News      Samsung to Create US$300 Million Fund for Auto-related Technologies

Get RSS feed Easy Print E-Mail this Message

Related News
Hackers Hit ATM Networks In U.S. and Russian Bank Breaches
Uber Paid Hackers to Keep Massive Data Breach Secret
Windows OS is Protected Against KRACK Wi-Fi Attacks
Deloitte Email Platform and Client Data Hacked
Free CCleaner Software Compromised to Open Back-door to Million of PCs
Equifax's Hack May Have Exposed Almost Half of Americans
Millions Time Warner Cable Records Exposed, Instagram Security Bug Fixed
HBO Offered $250,000 to Hackers
Game Of Thrones Episodes Could Have Leaked After HBO Hack
Hackers Attacked U.K. Parliament
WikiLeaks Says 'Athena' CIA Spying Program Targets All Versions of Windows
Dallas Emergency Siren System Hacked

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2017 - All rights reserved -
Privacy policy - Contact Us .