It has been reported that almost two years after Equifax’s massive hack, the majority of Fortune 100 companies still haven’t learned the lessons about using vulnerable software. In the last six months of 2018, two-thirds of the Fortune 100 companies downloaded a vulnerable version of Apache Struts, the same vulnerable server software that hackers exploited to steal the personal data of close to 150 million consumers, according to data shared by Sonatype, an open-source automation firm. That’s despite almost two years’ worth of patched Struts versions being released since the attack.
Tim Mackey, Technical Evangelist at Synopsys:
“Sonatype, and others, maintain public repositories containing open source components. While it’s […]