How Equifax Lost 147 Million Social Security Numbers
Impossible d'ajouter des articles
Échec de l’élimination de la liste d'envies.
Impossible de suivre le podcast
Impossible de ne plus suivre le podcast
-
Lu par :
-
De :
A critical vulnerability was disclosed. A patch was released the same day. Equifax was warned directly. The patch was never applied. Two months later, attackers walked through the door — and spent seventy-six days inside a system holding 147 million Social Security numbers. Episode 5 covers the full 2017 Equifax breach — the Apache Struts vulnerability, the scanner that missed, the certificate that was blind for over a year, the breach response that made everything worse, and the PLA indictment that revealed what the stolen data was really for.
0:00 — Introduction
0:42 — What Is Equifax
1:17 — The Data You Never Chose to Give
1:42 — Growth vs. Security
2:05 — ACIS: A 1970s System on the Public Internet
2:25 — CVE-2017-5638: The OGNL Injection
4:19 — The Missed Scan
5:37 — The Honour System
6:16 — CEO vs. Committee
6:37 — May 13th: The Door Opens
7:13 — No Walls: Lateral Movement
8:20 — The Harvest: 147 Million Records
9:31 — The Expired Certificate
10:45 — Found by Accident
11:09 — The Response Timeline
12:35 — The Response That Made Everything Worse
13:52 — Insider Trading
14:28 — Executive Departures
14:52 — The Settlement
15:34 — PLA Attribution
16:23 — The Intelligence Mosaic
17:05 — Entirely Preventable
17:47 — Closing
Full technical breakdown: zerodaylogs.com