By Ionut Ilascu 11 Apr 2015
Infected machines added to scanning network
http://i1-news.softpedia-static.com/images/news2/New-Shellshock-Worm-Seeks-Vulnerable-Systems-at-Tens-of-Thousands-of-IPs-478233-2.jpg
A new malicious operation that seeks to enslave hosts vulnerable to the Shellshock bug for Bash, the default command shell found in many Linux and Unix systems, has been observed by security researchers this week.
Disclosed in late September 2014, Shellshock is a serious vulnerability that allows an attacker to execute arbitrary commands in Bash by appending them after a variable function.
The shell is used in numerous services open to the Internet, such as web servers, which makes the security flaw a significant one. By comparison, its impact rivals the one Heartbleed had.
Despite patches being available and extensive media coverage, the Shellshock fix has not been applied by all administrators, leaving their machines vulnerable to cyber attacks.
Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.