Thursday, June 21, 2018
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Samsung Details its 7nm EUV Technology
HDR10+ Technologies Unveil Licensing and Logo Certification Program
Samsung SDI Unveils New Residential ESS Module
Samsung Introduces 8TB SSD for Data Centers in NF1 Form Factor
Micron Had a Record Quarter in Terms of Revenue and Profitability
Bose Noise-Masking Sleepbuds Will Help You Sleep
Intel to Bring Silicon-Based Security to AI and Blockchain Workloads
Microsoft to Buy Bonsai to Build 'Brains' for Autonomous Systems
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Unpatch...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, September 14, 2017
Unpatched Software Led to Massive Equifax Breach


The Equifax breach that exposed sensitive data for as many as 143 million US consumers was accomplished by exploiting a Web application vulnerability, company officials said Thursday.

"Equifax has been intensely investigating the scope of the intrusion with the assistance of a leading, independent cybersecurity firm to determine what information was accessed and who has been impacted," company officials wrote in an update posted online. "We know that criminals exploited a US website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638. We continue to work with law enforcement as part of our criminal investigation, and have shared indicators of compromise with law enforcement."

The flaw in the Apache Struts framework was fixed on March 6. Three days later, the bug was already under mass attack by hackers who were exploiting the flaw to install rogue applications on web servers.

The disclosure suggests that Equifax failed to update its Web applications, despite demonstrable proof the bug gave real-world attackers an easy way to take control of sensitive sites.

Equifax Chief Executive Richard Smith is expected to testify before a U.S. House of Representatives panel on Oct. 3 after nearly 40 states joined a probe of the company's handling of the breach.

The Federal Trade Commission on Thursday said it has opened an investigation into the data breach at Equifax.

Apache Struts is a framework for developing Java-based apps that run both front-end and back-end Web servers. It's relied on heavily by banks, government agencies, large Internet companies, and Fortune 500 companies.



Previous
Next
Apple Explains the 'Failed' Face ID Demo on iPhone X event        All News        Samsung to Create US$300 Million Fund for Auto-related Technologies
Apple Could be Behind Toshiba's MoU With Bain Capital's Consortium     General Computing News      Samsung to Create US$300 Million Fund for Auto-related Technologies

Get RSS feed Easy Print E-Mail this Message

Related News
Hackers Breached Satellite, Defense Companies
U.S., UK Accuse Russia Of Backing Global Cyber Espionage Campaign
U.S. and UK Government Websites Carried Crypto-mining Malware: report
Hackers Attacked PyeongChang 2018 Winter Olympic Games
Intel Has to Deal With New Security Issue in Laptops
North Korea Behind attacks on Cryptocurrency Exchanges: report
Hackers Hit ATM Networks In U.S. and Russian Bank Breaches
Uber Paid Hackers to Keep Massive Data Breach Secret
Windows OS is Protected Against KRACK Wi-Fi Attacks
Deloitte Email Platform and Client Data Hacked
Free CCleaner Software Compromised to Open Back-door to Million of PCs
Equifax's Hack May Have Exposed Almost Half of Americans

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2018 - All rights reserved -
Privacy policy - Contact Us .