One Article Review
| Source |  TrendLabs Security |
|---|---|
| Identifiant | 410770 |
| Date de publication | 2017-09-21 16:01:41 (vue: 2017-09-21 16:01:41) |
| Titre | a-PATCH-e: Struts Vulnerabilities Run Rampant |
| Texte | Equifax confirmed the attack vector used in its data breach to be CVE-2017-5638, a vulnerability patched last March 2017 via S2-045. The vulnerability was exploited to gain unauthorized access to highly sensitive data of approximately 143 million U.S. and 400,000 U.K. customers, as well as 100,000 Canadian consumers. This vulnerability was first disclosed in March, almost immediately followed by publicly available POCs, weaponized exploits, and scanners produced by third parties. Trend Micro observed thousands of filter events via our intrusion prevention solutions against the filters for this vulnerability since March, and these exploits or enumeration attempts are still being seen. It's worth noting that these Trend Micro customers can leverage these filters to provide a highly effective virtual patch to address critical Apache Struts vulnerabilities until actual software updates are deployed to secure the system. Post from: Trendlabs Security Intelligence Blog - by Trend Micro a-PATCH-e: Struts Vulnerabilities Run Rampant |
| Envoyé | Oui |
| Condensat | 000 045 100 143 2017 400 5638 access actual address against almost apache approximately are attack attempts available being blog breach can canadian confirmed consumers critical customers cve data deployed disclosed effective enumeration equifax events exploited exploits filter filters first followed from: gain highly immediately intelligence intrusion its last leverage march micro million noting observed parties patch patched pocs post prevention produced provide publicly rampant run scanners secure security seen sensitive since software solutions struts system these third thousands trend trendlabs unauthorized until updates used vector virtual vulnerabilities vulnerability weaponized well worth |
| Tags | |
| Stories | Equifax |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.