Category Archives: CVE-2017-5638

Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop

Posted on by

Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax. At first glance, the private notices obtained by KrebsOnSecurity appear to suggest that hackers were first able to steal credit card numbers from Equifax starting in November 2016. But Equifax says the accounts were all stolen at the same time — when hackers accessed the company’s systems in mid-May 2017. Continue reading Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop

Patch Released for Critical Apache Struts Bug

Posted on by

The Apache Software Foundation released a patch on Tuesday for a critical vulnerability impacting all versions of Struts since 2008. Continue reading Patch Released for Critical Apache Struts Bug

Apache Attack Traffic Dropping, Limited to Few Sources

Posted on by

While probes looking for vulnerable Apache Struts 2 deployments continue, malicious traffic has tapered off, researchers at Rapid7 said. Continue reading Apache Attack Traffic Dropping, Limited to Few Sources

Attacks Heating Up Against Apache Struts 2 Vulnerability

Posted on by

Apache administrators are urged to immediately upgrade the Struts 2 web application framework to address a remote code execution flaw under public attack. Continue reading Attacks Heating Up Against Apache Struts 2 Vulnerability