If hackers are exploiting the Log4j flaw, CISA says we might not know yet
The agency harkened back to the long delay between vulnerability discovery and the Equifax breach.
Advertisement
Apache Struts
Backdoor vulnerability in open source tool exposes thousands of apps to remote code execution
The 2017 data breach at Equifax was possible because the company did not act to resolve a flaw in the open source Apache Struts framework.
Apache alerts developers of remote code execution flaw
The two-year-old flaw could allow hackers to take control of unsuspecting developers' web servers.
New critical vulnerability exposes Apache Struts instances to remote attacks
Update your Apache Struts instances now.
Equifax CISO Jamil Farshchi’s three-act, ‘shared fate’ security plan
In an exclusive interview with CyberScoop, Farshchi describes how he wants to secure Equifax and instill the idea that cybersecurity doesn't fall to the IT division.
Over 10,000 companies downloading software vulnerable to Equifax hack
Unpatched Apache Struts instances are still out there in large quantities.
Advertisement
Nation-state hackers attempted to use Equifax vulnerability against DoD, NSA official says
An NSA official says 24 hours after Equifax's breach was made public, a nation-state was scanning DoD for unpatched Apache Struts instances.
FBI issues flash alert on Apache Struts vulnerability
A FBI flash alert obtained by CyberScoop shows the FBI is pushing the private sector to close the vulnerability linked to the massive data breach at Equifax
Apache Struts vulnerability lets hackers execute malicious code on corporate servers
One financial sector CISO described the vulnerability as "especially worrying."