Equifax Hack Resulted from Failure to Patch Web Development Framework
Application Security Testing: An Integral Part of DevOps
Credit report provider Equifax has revealed more details about the cause of the data breach that exposed personal information for up to 143 million Americans. The company said that attackers exploited its website through a vulnerability in the Apache Struts web development framework. Specifically, the attackers used a known vulnerability called CVE-2017-5638.
A fix for the security bug first became available March 10 and was later updated. Equifax had not yet applied the patch in mid-May when unauthorized access of its systems began. The company discovered the intrusion July 29 but though it was "limited," its CEO said.
"We are devoting extraordinary resources to make sure this kind of incident doesn’t happen again," Equifax CEO Richard F. Smith said. "We will make changes and continue to strengthen our defenses against cyber crimes."
IT Solutions Builder TOP IT RESOURCES TO MOVE YOUR BUSINESS FORWARD
Which topic are you interested in?
What is your company size?
What is your job title?
What is your job function?
Searching our resource database to find your matches...