Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Shellshock Bash hackers found gearing up for broader attacks

Antone Gonsalves | Sept. 29, 2014
AlienVault used a honeypot to trap malware uploaded by attackers exploiting the Shellshock Bash vulnerability.

On Wednesday, AusCERT, the Computer Emergency Response Team of Australia, was among the first to report that Shellshock exploits were in the wild.

The discovery sent shockwaves across the Internet. Linux distributors, including Debian, Unbunt, Red Hat, CentOS and Novell/SUSE, scrambled to push out temporary patches while vendors released signatures to block exploits traveling through intrusion prevention systems.

Web servers running CGI are the most vulnerable to immediate attack, while the risk to Mac OS X computers is less.

That's because the most likely path to compromise Macs would be through SSH, a secure communications protocol, Symantec said. To take that route, the attacker would need valid SSH credentials, which means he would already have to be logged into an SSH session.

Older Internet of Things and embedded devices running Bash would also be vulnerable, while new devices would not, Symantec said. The latter typically runs a set of tools called BusyBox, which does not have the vulnerability.


Previous Page  1  2 

Sign up for Computerworld eNewsletters.