Data Security News Headlines 10th March 2017

  1. New Apache Struts Zero-Day Vulnerability Being Exploited in the Wild

Security researchers have discovered a Zero-Day vulnerability in the popular Apache Struts web application framework, which is being actively exploited in the wild. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for creating elegant, modern Java web applications, which supports REST, AJAX, and JSON. According to the researchers, the issue is a remote code execution vulnerability in the Jakarta Multipart parser of Apache Struts that could allow an attacker to execute malicious commands on the server when uploading files based on the parser. Attackers also attempted to gain persistence on infected hosts by adding a binary to the boot-up routine according to news published in HackerNews.

Cyber Security Tips: Both Cisco and Apache researchers urge administrators to upgrade their systems to Apache Struts version 2.3.32 or 2.5.10.1 as soon as possible.

  1. 640,000 Decrypted PlayStation Accounts Being Sold on DarkWeb

Before a month ago after the cyber-attack by Anonymous on 10,000 websites was compromised and user’s data was stolen. According to news published in HackRead total 640000 user’s data is sold on dark web. The vendor who goes by the handle of “SunTzu583” is selling 640,000 accounts of PlayStation users in just USD 35.71 (0.0292 BTC) stolen from an unknown database. These accounts contain emails along with their clear-text passwords. According to SunTzu583, the database was not directly stolen from PlayStation servers, but it does contain unique accounts of PlayStation users. SunTzu583 goes on to explain that these accounts may also work on other sites however they can be mainly used for PlayStation-related activities according to news published in HackRead.

Cyber Security Tips: Users are strictly recommended that change your passwords.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a free website or blog at WordPress.com.

Up ↑

%d bloggers like this: