The ThorTeaches CISSP, CISM, and CC blog!


IT Security: The Equifax breach could have been avoided with a patch released 2 months before the breach started.

Equifax has, without notifying anyone, updated its breach FAQ, which now says that the company was breached through a vulnerability in Apache Struts.
“We know that criminals exploited a U.S. website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638.”

https://www.equifaxsecurity2017.com/frequently-asked-questions/

The bug was widely reported, and patches have been available since March, two months before the Equifax breach started in mid-May.

A patch is a software update that fixes programming or security issues. Even if the vulnerability was not known before, it is known as soon as the patch is released.
Not patching systems leaves you open to known vulnerabilities: attackers know your systems and know that they are vulnerable, and if the systems are not patched, the attackers have a way onto them.

If you want to protect yourself using Equifax, do not use the link sent to you in an email. That can be a phishing email that uses an XSS (cross-site scripting) vulnerability on their site (yes, another security problem by Equifax).
Instead type https://www.alerts.equifax.com into your browser’s address bar.
