Get a Pentest and security assessment of your IT network.

News

Apache Struts 2 Under Zero-Day Attack, Update Now

Apache Struts 2 installations are being targeted – and hacked in large numbers – by attackers who are exploiting a zero-day flaw in the platform to remotely execute code. The remote-code execution vulnerability in Struts that’s being actively exploited – CVE-2017-5638 – exists in the Jakarta Multipart parser, which is used for uploading files. Apache says the latest versions of the Java Enterprise Edition version of Struts fix the flaw. Security experts say other workarounds could also be put in place via Web application firewalls and intrusion detection systems.”]

Source: https://www.inforisktoday.com/apache-struts-2-under-zero-day-attack-update-now-a-9761

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Botnet authors use Evernote account as C&C Server

News

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2