HackDig : Dig high-quality web security articles for hacker

Equifax Hackers Stole 200k Credit Card Accounts in One Fell Swoop

Visa and MasterCard are sending confidential alerts to financial institutions across the United States this week, warning them about more than 200,000 credit cards that were stolen in the epic data breach announced last week at big-three credit bureau Equifax. At first glance, the private notices obtained by KrebsOnSecurity appear to suggest that hackers ini
Publish At:2017-09-30 15:56 | Read:583 | Comments:0 | Tags:Other apache struts cve-2017-5638 Equifax breach mastercard

a-PATCH-e: Struts Vulnerabilities Run Rampant

by Steve Povolny Equifax confirmed the attack vector used in its data breach to be CVE-2017-5638, a vulnerability patched last March 2017 via S2-045. The vulnerability was exploited to gain unauthorized access to highly sensitive data of approximately 143 million U.S. and 400,000 U.K. customers, as well as 100,000 Canadian consumers. This vulnerability was f
Publish At:2017-09-22 02:45 | Read:1330 | Comments:0 | Tags:Exploits Vulnerabilities Apache Struts CVE-2017-5638 CVE-201

Cisco warns of two critical issues in IOS and Apache Struts

Cisco issued two “critical” security advisories, one for Cisco IOS and Cisco IOS XE Software, another for a flaw affecting Apache Struts 2. Today Cisco issued two “critical” security advisories, the first one for Cisco IOS and Cisco IOS XE Software, the second one for the recently discovered flaw affecting Apache Struts 2. The vulnerability in Cisco IOS affe
Publish At:2017-04-17 02:55 | Read:1371 | Comments:0 | Tags:Breaking News Hacking Apache Struts CVE-2017-5638 RCE zero-D

Apache Struts 2 vulnerability exploited to deliver the Cerber ransomware

Cyber criminals exploited the recently patched Apache Struts 2 vulnerability CVE-2017-5638 in the wild to deliver the Cerber ransomware. A recently patched Apache Struts 2 vulnerability, tracked as CVE-2017-5638, has been exploited by crooks in the wild to deliver the Cerber ransomware. The remote code execution vulnerability affected the Jakarta-based file
Publish At:2017-04-07 05:25 | Read:1287 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Malware Cerber CVE-2017-56

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2

Canada Revenue Agency confirmed it shut down its website for filing federal taxes due to a cyber attack leveraging the CVE-2017-5638 flaw in Apache Struts 2 The Canada Revenue Agency (CRA) confirmed it shut down its website for filing federal taxes after hackers broke into the server at the nation’s statistics bureau. The security breach occurred last
Publish At:2017-03-14 12:30 | Read:1835 | Comments:0 | Tags:Breaking News Hacking Apache Struts Apache Struts 2 Canada R

CVE-2017-5638: Apache Struts 2 Vulnerability Leads to Remote Code Execution

Apache Struts is a free and open-source framework used to build Java web applications. We looked into past several Remote Code Execution (RCE) vulnerabilities reported in Apache Struts, and observed that in most of them, attackers have used Object Graph Navigation Language (OGNL) expressions. The use of OGNL makes it easy to execute arbitrary code remotely b
Publish At:2017-03-10 01:15 | Read:1833 | Comments:0 | Tags:Exploits Vulnerabilities Apache Struts CVE-2017-5638 Remote

Patch Apache Struts 2 Now! Hackers are exploiting a remote code execution zero-day in the wild

Researchers have spotted a remote code execution zero-day in Apache Struts 2, the flaw has being exploiting by that threat actors in the wild. Security researchers have spotted a remote code execution zero-day, tracked as CVE-2017-5638, in Apache Struts 2, and the bad news is that threat actors in the wild are already exploiting it. According to the experts
Publish At:2017-03-09 18:50 | Read:1617 | Comments:0 | Tags:Breaking News Cyber Crime Hacking Apache Struts CVE-2017-563

Announce

Share high-quality web security related articles with you:)

Tools

Tag Cloud