The Equifax Data Breach and the Apache Struts Vulnerability

Last week (9/7/2017), Equifax announced that on July 29 it discovered that a web application vulnerability had been exploited to access a trove of consumer information for the previous 2 ½ months, until discovery. Various news outlets, such as the New York Post, are starting to report that the … Continue reading

Modify a line in wtmp – Linux Accounting

The /var/log/wtmp file on a Linux system contains data about past user logins. An attacker may want to modify this file as one of the steps they take in covering their tracks. One may also want to modify utmp or btmp; the same technique can be used. The … Continue reading

  • The postings and views on this site are my own and do not necessarily reflect the positions, strategies, or opinions of any current or previous employer.