After all the hype of the last week about the Shellshock/Bash attack it is time we had a run down of way things seem to be going.
Ericka Chickowski News - 9/29/2014 Attacks against the Bash bug increase in volume and variety, with an emphasis on information gathering and botnet building. As security teams reel from last week's Shellshock headlines, attackers are catching on quickly to the vulnerability. Exploits have rapidly come out of the woodwork. Researchers immediately warned this major vulnerability in Bash would likely have a much worse impact than Heartbleed, considering the severity of the exploit and its pervasive presence in so many Linux and UNIX systems. The resulting attacks are starting to crystallize their picture of the threat.
"Ever since the shellshock vulnerability has been announced, we have seen a large number of scans probing it," according to a post by Johannes Ullrich, director of the SANS Internet Storm Center. Ullrich reports a number of different attacks, including vulnerability checks using multiple headers and simple vulnerability checks using custom user agents.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.