Attackers Widely Exploiting A Recently Patched Vulnerability In Apache Struts
It is not clear yet why the vulnerability of Apache Struts is being exploited widely 48 hours after a patch was released. One of the possible reasons is that the Apache Struts maintainers didn't sufficiently disclose the risk. Although the whole team involved in the issue categorized the vulnerability security rank as high, they also define it as a "possible remote code execution" hazard.
Public Attacks Exploiting Against Apache Struts Vulnerability
According to Arnet, public attackers are widely exploiting a newly patched vulnerability in Apache Struts which allows them to remotely produce malicious code on various web servers. The attacks and scans are exposed on Apache web servers and have ramped up dramatically since Monday, March 6. It started when a vulnerability in the Apache Struts was patched and proof-of-concept exploit code was launched into the Metasploit module.
“The second someone starts working on a Metasploit module," Craig Williams, manager and senior leader of the Cisco’s Talos Outreach team, said. He also noted that what happened is a ramp-up for the rapid exploitation by a huge number of people and that is likely going to continue to increase. With that, it is also possible to see people trying to scan for the vulnerability of the web developer.
How Risky Is This Situation?
The ThreatPost said that the attacks in the vulnerability, CVE-2017-5638, are particularly risky to anyone operating their Apache web servers as the root of the development. Williams said that until now, it’s unclear whether an attacker can be harmful or not. However, as with some earlier internet-wide bugs, there are surely a large number of scans happening.
If the attacker/s will modify a single line of the operating system, the target will still run but with just a limited function. Unless the attackers are looking for a content, it’s easy not to see the malformed content type. Williams also said that the chances are very critical for a firm running an exposed Apache Struts server especially if it’s compromised. “The sky’s the limit,” Williams said describing how risky this situation is.
Nintendo Switch Joy-Con Can Now Work With NES Classic Edition
The tiny Joy-Cons of the Nintendo Switch might not be the ideal way to play your favorite 8-bit titles, but they can be considerably more comfortable than the NES Classic Edition original controllers.
PlayStation 4’s 4.5 Update Out Tomorrow, Will Bring ‘Boost Mode’
The new feature which is called Boost Mode is "not guaranteed to work with all titles," Sony explained. Additionally, the setting can be turned off so that the experience is that of a standard PS4.
Google Play Music Unveils Its First Podcast With 'City Soundtracks'
Google’s City Soundtracks comes at a time when the top streaming music services are trying to differentiate themselves by introducing their own exclusive content to complement their music libraries, podcasts and video content.
Mobile Video Consumption Will Have Massive Increase By 2021
Fueled by the rapid development in Virtual Reality (VR) and Augmented Reality (AR), Cisco predicts that mobile video usage will see an incremental increase by 2021.
Cisco Takes Measures Against NSA Exploit Cyberweapon
Cisco rolls out patches for its firewalls vulnerable to NSA's cyberweapon.
MORE IN ITECHPOST
How Scars are Formed and How to Remove It
Scar formation is a result of a biological process in skin after an injury or trauma. It is formed when the dermis layer of the skin is damaged. It is our body's way to repair tissues and organs and is a natural part of the healing process. A scar tissue is composed of the same type of collagen it is replacing with. Scars lacks elasticity compared to normal tissue. There are different degrees of scarring depending on the injury the tissue is subjected to.
Ways to Curtail PCB Assembly Cost is Easy Now
PCB assembly cost cut down is a thinkable subject. PCB is the abbreviated form for printed circuit board assembly that is often used to connect electronic components with their corresponding circuit board connections.
NASA Unveils New High-Tech Spacesuit for Artemis Mission
NASA is spending people on the moon again for the Artemis mission, and they have unveiled new spacesuits for it.
Fortnite Chapter 2 is Finally Here; Massive Changes Take Game to an Entirely New Level
Fortnite Chapter 2 competes with Call of Duty Mobile and the updated PUBG Mobile with some massive changes that take the Fortnite gaming experience to the next level.
4 In-Demand Professions That Pay Well In Canada
Canada is turning out to be an emerging place for fresh graduates and skilled people looking for jobs. Every year the ratio of unemployed people for every job keeps decreasing. This decline in the ratio is accredited to a lot of skilled professionals recently moving to Canada, more job vacancies and more opportunities.