It was reported this week that at least seven large tech companies are still using vulnerable versions of Apache Struts, a web server software used to provide web applications in Java.

The flaw in the software was exploited by hackers to steal sensitive information such as names, addresses, social security numbers from credit reporting firm Equifax. Patches for the bug had already been issued, but it was recently revealed by open-source automation firm Sonatype that least 10,800 companies and over half of the Fortune Global 100 are still using vulnerable versions of the software.

However, even after the widely publicized Equifax breach, Sonatype’s data showed that only one-in-five companies have moved to apply the patches.

Source: ZDNet

Leave a Comment

Your email address will not be published. Required fields are marked *