Wednesday, August 15, 2018
Search
  
Submit your own News for
inclusion in our Site.
Click here...
Breaking News
Trendforce Confirms New iPhone Launch This Fall, Including a Budget Version
NVIDIA Unveils Turing Architecture, Quadro RTX Ray-Tracing GPU
AMD Says New 2nd Generation, 32-core AMD Ryzen Threadripper Processors Break Boundaries of High-End Desktop Market
HyperX Announces the HyperX Gaming microSD Cards
Fraunhofer Scientists Find Dangerous Security Holes in Tracker Apps
Samsung Announces New SmartThings Mesh Wi-Fi System
Google Tracks Your Movements No Matter What
iPhone 9 Will Feature Apple's New LCD Display Bezel Technology
Active Discussions
Which of these DVD media are the best, most durable?
How to back up a PS2 DL game
Copy a protected DVD?
roxio issues with xp pro
Help make DVDInfoPro better with dvdinfomantis!!!
menu making
Optiarc AD-7260S review
cdrw trouble
 Home > News > General Computing > Unpatch...
Last 7 Days News : SU MO TU WE TH FR SA All News

Thursday, September 14, 2017
Unpatched Software Led to Massive Equifax Breach


The Equifax breach that exposed sensitive data for as many as 143 million US consumers was accomplished by exploiting a Web application vulnerability, company officials said Thursday.

"Equifax has been intensely investigating the scope of the intrusion with the assistance of a leading, independent cybersecurity firm to determine what information was accessed and who has been impacted," company officials wrote in an update posted online. "We know that criminals exploited a US website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638. We continue to work with law enforcement as part of our criminal investigation, and have shared indicators of compromise with law enforcement."

The flaw in the Apache Struts framework was fixed on March 6. Three days later, the bug was already under mass attack by hackers who were exploiting the flaw to install rogue applications on web servers.

The disclosure suggests that Equifax failed to update its Web applications, despite demonstrable proof the bug gave real-world attackers an easy way to take control of sensitive sites.

Equifax Chief Executive Richard Smith is expected to testify before a U.S. House of Representatives panel on Oct. 3 after nearly 40 states joined a probe of the company's handling of the breach.

The Federal Trade Commission on Thursday said it has opened an investigation into the data breach at Equifax.

Apache Struts is a framework for developing Java-based apps that run both front-end and back-end Web servers. It's relied on heavily by banks, government agencies, large Internet companies, and Fortune 500 companies.



Previous
Next
Apple Explains the 'Failed' Face ID Demo on iPhone X event        All News        Samsung to Create US$300 Million Fund for Auto-related Technologies
Apple Could be Behind Toshiba's MoU With Bain Capital's Consortium     General Computing News      Samsung to Create US$300 Million Fund for Auto-related Technologies

Get RSS feed Easy Print E-Mail this Message

Related News
U.S. DoJ Indicts 12 Russian Intelligence Officers for Hacking Offenses Related to the 2016 Election
Adidas Servers Hacked, User Data Potentially Leaked
Hackers Breached Satellite, Defense Companies
U.S., UK Accuse Russia Of Backing Global Cyber Espionage Campaign
U.S. and UK Government Websites Carried Crypto-mining Malware: report
Hackers Attacked PyeongChang 2018 Winter Olympic Games
Intel Has to Deal With New Security Issue in Laptops
North Korea Behind attacks on Cryptocurrency Exchanges: report
Hackers Hit ATM Networks In U.S. and Russian Bank Breaches
Uber Paid Hackers to Keep Massive Data Breach Secret
Windows OS is Protected Against KRACK Wi-Fi Attacks
Deloitte Email Platform and Client Data Hacked

Most Popular News
 
Home | News | All News | Reviews | Articles | Guides | Download | Expert Area | Forum | Site Info
Site best viewed at 1024x768+ - CDRINFO.COM 1998-2018 - All rights reserved -
Privacy policy - Contact Us .