Equifax Data Breach & Critical Flaw Found in Apache Struts

This week, the Alert Logic team highlights the Equifax data breach and a critical flaw in Apache Struts2 that allows hackers to access web servers. Read the full report to learn more and get access to the week’s top malicious IP addresses.

Data Breach

Equifax Data Breach

A huge security breach at credit reporting company Equifax has exposed sensitive information, such as names, Social Security numbers, birth dates, addresses, credit card numbers and the numbers of some driver's licenses, of up to 143 million Americans. Unlike other data breaches, those affected by the breach may not even know they are customers of the company.

The breach happened between mid-May and July and was discovered on July 29. Equifax said it will send notices in the mail to people whose credit card numbers or dispute records were breached. The company said it found no evidence that consumers outside the U.S., U.K. and Canada were affected.

References: Fact Checking the Equifax Data Breach Story | Equifax Breach Could Affect 143 Million U.S. Consumers | Equifax Data Breach Could Create Lifelong Identity Theft Threat | What You Need to Know About the Equifax Data Breach

Mitigation Strategies:

Malware

Critical Flaw in Apache Struts2 Allows Hackers to Access Web Servers

Security researchers have discovered a critical remote code execution vulnerability in the popular Apache Struts web application framework, allowing a remote attacker to run malicious code on the affected servers.

The vulnerability is incredibly easy for an attacker to exploit. Successful exploitation could allow an attacker to take full control of the affected server, eventually letting the attacker infiltrate other systems on the same network.

References: Apache Struts Flaw Could See Hackers Target Lockheed Martin, Vodafone and Other Fortune 100 Firms | Security Flaw in Apache Struts Exposes Web Servers to Hacking | Another Critical Vulnerability in Apache Struts 2 Allows Criminals to Hack Web Servers

Mitigation Strategies:

This Week's Suspicious IP Addresses

96.86.39.17 85.214.18.0/24
199.244.78.74 67.231.25.10
104.31.69.18 62.210.178.242

*IP addresses provided by Recorded Future.