The Tech Corner
The Tech Corner is a technology news and advice column presented each week courtesy of Melvin McCrary at Georgia Computer Depot in Cedartown. plications on affected web servers after its proof-ofconcept exploit code was uploaded to a Chinese site.
Despite patches were made available and proofs that the flaw was already under mass attack by hackers, Equifax failed to patch its Web applications against the flaw, which resulted in the breach of personal data of nearly half of the US population.
“Equifax has been intensely investigating the scope of the intrusion with the assistance of a leading, independent cyber security firm to determine what information was accessed and who have been impacted,” the company officials wrote in an update on the website with a new
For those unaware, Apache Struts is a free, open-source MVC framework for developing web applications in the Java programming language that run both front-end and back-end Web servers.
The framework is used by 65n per cent of the Fortune 100 companies, including Lockheed Martin, Vodafone, Virgin Atlantic, and the IRS.
Since the hackers are actively exploiting the vulnerabilities in the Apache Struts web framework, Cisco has also initiated an investigation into its products against four newly discovered security vulnerabilities in Apache Struts2.
The FTC announced that the identity theft protection firm LifeLock will pay $100 million to resolve allegations that the company made false statements about its services and failed to safeguard consumer data. This settlement represents the largest of its kind in an FTC order enforcement action.
Researcher Discloses Flaws in D-Link 850L Wireless Routers
A security researcher has discovered a total of ten critical zero-day vulnerabilities in routers from Taiwan-based networking equipment manufacturer D-Link which leave users open to cyber-attacks.
Private keys hardcoded in the firmware — the private encryption keys are hardcoded in the firmware of both D-Link 850L Rev A and Rev B, allowing to extract them to perform attacks. Kim advised users to cut the connections with the affected D-Link router in order to be safe from such attacks.