Read more: Help Net Security
Amid significant increases in both malware and network attacks, multiple Apache Struts vulnerabilities – including one used in the devastating Equifax data breach – appeared for the first time on WatchGuard’s list of most popular network attacks in Q3 2019.
The report also highlights a major rise in zero day malware detections and, increasing use of Microsoft Office exploits and legitimate penetration testing tools.
Apache Struts 2 Remote Code Execution enables attackers to install Python or make a custom HTTP request to exploit the vulnerability with just a few lines of code and obtain shell access to an exposed system. This threat was accompanied by two additional Apache Struts vulnerabilities on the top ten network attacks list in Q3 2019, as overall network attacks increased in volume by 8%.
The massive fallout from the Equifax breach put the severity of this vulnerability on full display and should serve as a reminder of how important it is for web admins to patch known flaws as soon as possible.