Apache Struts2 exploitation: Beyond putting out fires!

The unfolding of the Equifax breach shows that the attack started around two months after the vulnerability was disclosed – and the patch was made available – by the Apache Foundation. That means the vulnerability could have been eliminated with a patch long before the attack. The case exposes a persistent challenge IT and Dev pros face: it takes much longer to mitigate vulnerabilities than it takes hackers to start exploiting them. This is not a…

September 25, 2017 Flexera

The Equifax Breach and the tale “The Emperor’s New Clothes”

The tale H.C. Andersen’s tale “The Emperor’s New Clothes”, published in 1837, tells the story of a vain king, more concerned with his appearance and his clothes than with his kingdom and his subjects. The king is fooled by two weavers who promise him a new set of clothes, made from a magnificent fabric, which had this wonderful way of becoming invisible to those who are not fit for their positions, incompetent or stupid. In his vanity, the king p…

September 19, 2017 Flexera

The ‘Could Have Been Worse’ WannaCry Has Arrived

Reports are coming in from around the globe about a new ransomware that is spreading quickly. Maersk, and Ukraine’s National Bank have both warned of cyber attacks.  But it appears this new dog is using some old tricks. From what we know right now, this attack appears to be leveraging the same EternalBlue exploits that WannaCry leveraged to obtain its ability to spread within organizations and impact more endpoints with encrypted files and demand…

June 27, 2017 Flexera