Major Bash vulnerability affects Linux, Unix, Mac Os x (shell shock)

Maji · Oct 2, 2014

hqsec said: ↑

http://www.fireeye.com/blog/technical/2014/10/the-shellshock-aftershock-for-nas-administrators.html
Click to expand...

Thank you for this story! Our management team was discussing what risks our storage appliances face from this exploit, and this is a real world example of what I was trying to communicate to them.

High five!

Minimalist · Oct 2, 2014

Maji said: ↑

Thank you for this story! Our management team was discussing what risks our storage appliances face from this exploit, and this is a real world example of what I was trying to communicate to them.

High five!
Click to expand...

You're welcome!

Minimalist · Oct 3, 2014

The worst of Shellshock might have already passed

Shellshock is continuing to make waves in the digital world, but if new research is any indication, scans for the bug seem to be slowing down and attacks might have already peaked.
Click to expand...

http://www.scmagazine.com/the-peak-of-bash-bug-might-have-been-already-seen/article/375134/

Minimalist · Oct 6, 2014

We found that one of the payloads of Bash vulnerabilities, which we detect as TROJ_BASHKAI.SM, downloaded the source code of KAITEN malware, which is used to carry out denial-of-service attacks. Based on our analysis, when TROJ_BASHKAI.SM is executed, it connects to the following malicious URLs:
Click to expand...

http://blog.trendmicro.com/trendlab...k-vulnerability-downloads-kaiten-source-code/

Veeshush · Oct 6, 2014

Shellshock, the Bashdoor Bug - Computerphile
https://www.youtube.com/watch?v=MyldPMn95kk

Minimalist · Oct 6, 2014

White hat claims Yahoo and WinZip hacked by “shellshock” exploiters

A security researcher claims to have uncovered a botnet being built by Romanian hackers using the“Shellshock” exploit against servers on a number of high-profile domains, including servers at Yahoo and the utility software developer WinZip. Jonathan Hall, president and senior engineer of technology consulting firm Future South Technologies published a lengthy explanation of the exploits and his communications with the exploited on his company’s website this weekend and said that Yahoo had acknowledged finding traces of the botnet on two of its servers.
Click to expand...

http://arstechnica.com/security/201...o-and-winzip-hacked-by-shellshock-exploiters/

Minimalist · Oct 7, 2014

Yahoo CISO Alex Stamos refuted claims made by a Louisiana security company that a number of Yahoo servers had been compromised by Romanian hackers using Shellshock exploits against the vulnerability in Bash.

Stamos said three Yahoo Sports API servers were infected with malware by hackers looking for webservers vulnerable to the Shellshock vulnerability, but the exploits were not related to Shellshock. Those servers, which provide live game streaming, do not store user data and were isolated upon discovery of malware, Stamos said.
Click to expand...

http://threatpost.com/yahoo-confirms-infected-servers-unrelated-to-shellshock

ronjor · Oct 7, 2014

Yahoo Confirms Infected Servers Unrelated to Shellshock

by Michael Mimoso

Yahoo CISO Alex Stamos refuted claims made by a Louisiana security company that a number of Yahoo servers had been compromised by Romanian hackers using Shellshock exploits against the vulnerability in Bash.
Click to expand...

http://threatpost.com/yahoo-confirms-infected-servers-unrelated-to-shellshock/108726

Dermot7 · Oct 8, 2014

We recently blogged about the GNU Bash arbitrary code execution vulnerability (CVE-2014-6271) dubbed as Shellshock and covered some initial attacks that we captured in the wild during the first week of this vulnerability disclosure. We have continued to monitor the Shellshock exploit attacks and the malicious payloads that were getting dropped over past two weeks.

In this blog, we wanted to share a summary of new exploit attacks and new tricks that cybercriminals have deployed to increase the chances of infection.
Click to expand...

http://research.zscaler.com/2014/10/bashed-evolution-of-shellshock-attack.html

Minimalist · Oct 8, 2014

Most discussion of Shellshock attacks have focused on attacks on web apps. There has been relatively little discussion on on other surfaces like DHCP, SMTP, and CUPS. In this post, we’ll tackle Shellshock exploits over the DHCP protocol. These techniques could be used by an attacker to compromise more machines within the network.
Click to expand...

http://blog.trendmicro.com/trendlab...g-saga-continues-shellshock-exploit-via-dhcp/

MrBrian · Oct 9, 2014

Bash bug: the other two RCEs, or how we chipped away at the original fix (CVE-2014-6277 and '78 )

lotuseclat79 · Oct 9, 2014

PSA: #shellshock still unfixed except in Debian unstable.

I just installed, for work, Hanno Böck’s bashcheck utility on our monitoring system, and watched all¹ systems go blue.

① All but two. One is not executing remote scripts from the monitoring for security reasons, the other is my desktop which runs Debian “sid” (unstable).

This means that all those distributions still have unfixed #shellshock bugs.
Click to expand...

-- Tom

Minimalist · Oct 9, 2014

Considering its hunger for *NIX systems, it’s no surprise that attackers have begun leveraging theShellshock vulnerability in Bash to propagate Mayhem.
Click to expand...

http://threatpost.com/shellshock-exploits-spreading-mayhem-botnet-malware

ronjor · Oct 13, 2014

Multiple Polycom Products Affected by ShellShock Vulnerability

By Eduard Kovacs on October 13, 2014

Polycom has published a security advisory listing several that are vulnerable to the recently disclosed GNU Bash vulnerability dubbed "ShellShock.
Click to expand...

"http://www.securityweek.com/multiple-polycom-products-affected-shellshock-vulnerability

Dermot7 · Oct 27, 2014

Reports are emerging that attacks are being performed against SMTP servers using the Shellshock bug. The campaign seeks to create an IRC botnet for DDOS attacks and other purposes.
Click to expand...

Shellshock attacks mail servers | ZDNet

Minimalist · Nov 16, 2014

A new BASHLITE variant infects devices running BusyBox

A new variant of the BASHLITE malware exploiting the ShellShock vulnerability was used by cyber criminals to infect devices that use BusyBox software.
Click to expand...

http://securityaffairs.co/wordpress/30225/cyber-crime/bashlite-exploits-shellshock.html

Log in or Sign up

Major Bash vulnerability affects Linux, Unix, Mac Os x (shell shock)

Maji Registered Member

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Veeshush Registered Member

Minimalist Registered Member

Minimalist Registered Member

ronjor Global Moderator

Dermot7 Registered Member

Minimalist Registered Member

MrBrian Registered Member

lotuseclat79 Registered Member

Minimalist Registered Member

ronjor Global Moderator

Dermot7 Registered Member

Minimalist Registered Member

Log in or Sign up

Major Bash vulnerability affects Linux, Unix, Mac Os x (shell shock)

Maji Registered Member

Minimalist Registered Member

Minimalist Registered Member

Minimalist Registered Member

Veeshush Registered Member

Minimalist Registered Member

Minimalist Registered Member

ronjor Global Moderator

Dermot7 Registered Member

Minimalist Registered Member

MrBrian Registered Member

lotuseclat79 Registered Member

Minimalist Registered Member

ronjor Global Moderator

Dermot7 Registered Member

Minimalist Registered Member

Useful Searches