An easily exploitable zero-day vulnerability in Apache Struts 2 forced the Canadian government to take offline the websites associated with Canada Revenue Agency, used for filing tax returns, and Statistics Canada, just before the end of the fiscal year, according to Reuters.
The online security breach was actually experienced by Statistics Canada, but the Canada Revenue Agency site also had to be shut down as precaution because it shared the same vulnerability. Officials assure citizens that the attackers were blocked quickly and got no sensitive data or tax-related information.
Leave a reply