Last week, Congress released the full Equifax Breach Report.
To briefly recap the breach, attackers exploited an Apache Struts vulnerability on the Equifax ACIS web servers (accessed at ai.equifax.com). They then pivoted from these servers to gain further access and query multiple databases within Equifax. As a result, the personal information of 148 million US citizens was stolen.
It’s a fantastic document that not only explains HOW the breach happened, but WHY it happened. It’s a document that everyone in IT, from the new Service Desk Tech to the seasoned CIO, should read.
The report explains that the breach was the result of many contributing factors that will be familiar to anyone who has worked in IT. Let’s go through the list. (more…)
Last week I received an email from my web host. It said that all customers needed to back up and move their data because their hosting services would be shutting down immediately. It was a strange email. After some digging, I found out that the reason for the shutdown was that the CEO had just died. There was evidently no one who could step in and take over the business. So the decision was made to close.
Why would the unfortunate death of one employee, even a very high-level employee, cause a business to shut down? Simply put, it is the lack of succession planning. What is succession planning and why is it important? (more…)
If you read the computer security news feeds, you’ve probably heard about the recent Java 7 and IE 6-9 exploits. The problem is that these exploits are discovered before there are any patches or reasonable workarounds for them. Fortunately, there is something that can be done to provide some additional protection that doesn’t involve an anti-virus company. Earlier this year, Microsoft released the Enhanced Mitigation Experience Toolkit (or EMET) version 3. The goal of EMET is to make exploitation of Windows applications difficult or impossible using the common attack techniques we see today. It’s not a silver bullet and won’t protect against every type of attack. But it does add layers of protection to your system by enforcing DEP, ASLR, Heap Spray Protection and more. (more…)