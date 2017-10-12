Equifax Takes Web Page Offline After Reports of New Cyber Attack (reuters.com) 23
Equifax said on Thursday it was taking one of its web pages offline as its security team looks into reports of another potential cyber breach. From a report: The move came after an independent security analyst on Wednesday found Equifax's website was under the control of attackers trying to trick visitors into installing fraudulent Adobe Flash updates that could infected computers with malware, the technology news website Ars Technica reported.
Another web vulnerability. Come on.
No it wasn't a flaw in Apache Struts. It was a flaw in someone NOT patching a known vulnerability. The current version of Apache Struts at that time did not have the vulnerability. If you want to play bull shit blame games like that then Microsoft is way more vulnerable than open source because I assure you I can list 100s of exploits on Windows 95...you know since we don't care about using current versions of software and all.
Use of open source software is HARDLY the major point to be looking at here. Yes, it is a significant factor, but goddamn dude, they did everything else wrong. It is entirely fucking possible to have this shit set up so that no matter how badly rooted the public-facing servers are, admins get notice of it and the attackers have additional hoops to jump through instead of immediate access to everything. Have these fuckers ever heard of the concept of defense in depth? Data segregation? Tripwire systems?
If you hold these executives responsible for flaws in open source software, their solution to this problem will be to never allow the use of any open source software within their organizations!
And what would be the alternative? Closed source software? Its track record isn't any better.
Unfortunately, some of us need jobs and we have no power who they use for their credit reporting. Besides government interaction is socialism and we will end up like Venezuela so we can't have any of that no can we?
Way off topic here, but that's a non-sequitur - it does not follow that Venezuela's problems stem entirely from socialism. A very large chunk is directly attributable to the country's economy being almost entirely based on petroleum exports in a fucked up market.
Looks like we get to have another discussion about how we shouldn't judge susan mauldin
...we JUST had an article 40 mins prior to this one. Just add to that one.
Is Slashdot suffering so bad to find news that they need reposts in less than an hour? Get off your fucking ass and use your own system to check for dupes.
"The person responsible for installing the patches, has been sacked.
The person responsible for sacking the person responsible for installing the patches has also been sacked.
The rest of the patches have been completed in an entirely different style and at great expense.
Incidentally, a møøse once bit my sister..."
Coincidence they're reacting now to something posted earlier this morning here on Slashdot [slashdot.org]?
It's a baby step guys, but it's progress.
Hopefully they take down more than a webpage. If one page is infected then likely the entire web server is infected, if not more. At the very least they need to offline the entire web server(s) while they investigate.