2017 in Breaches: Equifax and More

This question was recently answered, as Equifax announced, “We know that criminals exploited a U.S. website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638.” What’s so bad about this disclosure? Well, as it turns out, the patch for this vulnerability had already been made available — months before the breach occurred. This brings with it […]