Thwarting the Tactics of the Equifax Attackers
The massive data breach at Equifax has significantly increased public awareness about security vulnerabilities, but it has not necessarily led to positive action. Keeping software up-to-date is important, but it's a reactive measure that doesn't protect against unknown threats. Security experts agree that maintaining systems is difficult and can lead to unforeseen issues when patches or upgrades are applied. Businesses must pay more attention to security vulnerabilities due to new data protection legislation like GDPR and NIST. The Equifax breach was caused by a single person responsible for communicating the availability of a patch, highlighting the importance of having multiple people responsible for threat communication. Attacks like Equifax can be avoided by understanding how they happen, such as through Remote Code Execution (RCE) and SQL Injection (SQLi). Cloudflare's Web Application Firewall (WAF) helps protect against these types of attacks and others, with over 138 million matches on an average week. Communication and awareness are crucial for understanding the risks associated with software vulnerabilities, and having protection in front of applications is essential to mitigate those risks.
Company
Cloudflare
Date published
Nov. 13, 2017
Author(s)
Alex Cruz Farmer
Word count
1227
Language
English
Hacker News points
29