a-PATCH-e: Struts Vulnerabilities Run Rampant

Haythem Elmir

Equifax confirmed the attack vector used in its data breach to be CVE-2017-5638, a vulnerability patched last March 2017 via S2-045. The vulnerability was exploited to gain unauthorized access to highly sensitive data of approximately 143 million U.S. and 400,000 U.K. customers, as well as 100,000 Canadian consumers. This vulnerability was first disclosed in March, almost immediately followed by publicly available POCs, weaponized exploits, and scanners produced by third parties.

To read the original article: http://blog.trendmicro.com/trendlabs-security-intelligence/apache-struts-vulnerabilities-run-rampant/#utm_source=trendlabs-social&utm_medium=socal&utm_campaign=09-2017-apache-struts

Laisser un commentaire

Next Post

Malware Slipped into CCleaner Could Steal PC User Data

Anyone who’s recently downloaded CCleaner, a PC optimization tool developed by London-based Piriform, should update the software immediately to avoid malware that was inserted into one version of the program. It’s uncertain how the malware was slipped into CCleaner, a utility program that Piriform said has been downloaded some 2 […]