SANS Internet Storm Center reports attacks against SMTP servers using Shellshock exploits to create a DDoS botnet.
Tag Archives: shellshock
“Poodle” security hole has a nasty bite
A security hole called Poodle could allow hackers to take over your banking and social media accounts.
Yesterday, Google researchers announced the discovery of a security bug in version 3 of the Secure Sockets Layer protocol (SSLv3). This web technology is used to encrypt traffic between a browser and a web site, and the bug can give hackers access to email, banking, social accounts and other services.
Poodle bites multiple users in unsecure open WiFi networks, like the ones you use at coffee shops, cafes, hotels, and airports.
“To exploit the vulnerability, you must be running javascript, and the attacker has to be on the same network as you—for example, on the same Starbucks Wi-Fi network you’re using,” explained Kim Zetter in a WIRED article.
Avast experts strongly recommend that our users protect themselves when using free WiFi with avast! SecureLine VPN.
Poodle is not considered as serious a threat as this past spring’s Heartbleed bug, which took advantage of a vulnerability in OpenSSL, or last month’s Shellshock bug in Unix Bash software.
SSLv3 is an outdated standard (it’s a decade and a half old), but some browsers, like Internet Explorer 6, and older operating systems, like Windows XP, only use the SSLv3 encryption method. Google’s security team recommends that systems administrators turn off support for SSLv3 to avoid the problem, but warns that this change will break some sites.
Shellshock Exploits Spreading Mayhem Botnet Malware
Researchers at Malware Must Die published a report that hackers are spreading Mayhem botnet malware in exploits targeting the Shellshock vulnerability in Bash.
Yahoo told to “pull your pants up” after Shellshock hack claims
Yesterday, security researcher Jonathan Hall, of a company called Future South Technologies, accused Yahoo of having suffered a serious security breach via the recently discovered Shellshock vulnerability in Bash.
The post Yahoo told to “pull your pants up” after Shellshock hack claims appeared first on We Live Security.
Yahoo Confirms Infected Servers Unrelated to Shellshock
Yahoo CISO Alex Stamos confirmed that three servers had been infected with malware by hackers looking for machines vulnerable to Shellshock.
Shellshock-like Weakness May Affect Windows
A weakness in Windows, similar to Shellshock, may put Windows Server deployments at risk of remote code execution.
Threatpost News Wrap, October 3, 2014
Dennis Fisher and Mike Mimoso talk about the Bash Shellshock bug nightmare and the BadUSB code release.
VMware Begins to Patch Bash Issues Across Product Line
VMware issued a progress report on fixes for four different types of products as they relate to the Bash vulnerability.
How to fix Shellshock Bash on Mac OS X: Mavericks edition
Apple Mac OS X users concerned about the Bash vulnerability dubbed Shellshock got some relief late yesterday as Apple published fixes for various versions of OS X. But if you use Mavericks you will need to install 10.9.5 before the Bash fix will work.
The post How to fix Shellshock Bash on Mac OS X: Mavericks edition appeared first on We Live Security.
Shellshock vulnerability: should we be concerned?
We are continually hearing about bugs and vulnerabilities that could potentially be serious. The latest one, named ShellShock, can potentially be used to remotely take control of almost any system that is using a software component called Bash. This sounds devastating and of course it could be, but don’t start running for the hills or deciding to unplug from the Internet quite yet.
Bash is a software component that exists on many Linux systems including Apple’s Mac OSX. As Linux is the operating system used on a large number of the web servers, a bug like this could mean cybercriminals have the potential to exploit the vulnerability and cause harm to users of the web server or indeed to the company whose web server it is. They do this by inserting malware on the server that could potentially collect data, crack passwords or do something particularly malicious.
At the time of writing this blog there is already a large number of patches available that address this vulnerability for servers and reputable companies have teams in place that watch for these alerts and update their servers to protect them and the users of the services they offer. A good example is our own security team here at AVG who immediately ran an audit to see if we had any servers that may have this vulnerability, and they have already confirmed that our servers are safe.
If you are a Mac user should you be concerned and what do you need to do?
Apple has, as expected, reacted quickly and is releasing an automatic update to OSX that users will be prompted to install. They have also made it clear that the issue does not affect the majority and is an issue for power users that take advantage of the advanced UNIX services within OSX. If the previous sentence has baffled you then you are in the group that Apple say are not at risk.
Even as a power user at home you are likely to be sitting behind a firewall that would detect someone trying to execute commands on your machine and they would be blocked. However, bad guys may well try to trick users into installing files that could leave them more vulnerable to attack. A good rule is to not click something that you don’t recognize, and remember the update will only come directly from Apple. When you see the update appear on your Mac, install it immediately so that you stay safe.
There are also other devices in our homes that run Linux. Many of the routers and broadband modems we use to connect to the Internet also utilize Linux as an operating system and because of this we recommend you watch for updates from those vendors and take the action to install them. If your router is provided by your ISP then they should push the update to the router automatically.
It is good practice to allow the automatic updates on your devices so that they are maintained by the manufacturer of the device to protect you from issues like this. Having up to date anti-virus software installed and active is also of paramount importance in today’s environment where more of our data than ever before is held by us on our devices. The protection provided will detect and block an exploit such as this where cybercriminals attempt to install malware on your machine. AVG’s Free Antivirus is available for Mac and PC users and can be downloaded from www.avg.com