Two malware samples trying to exploit the Bash vulnerability, both DDoS bots, were snared in a honeypot belonging to AlienVault Labs.
Tag Archives: Web Security
Patching Bash Vulnerability a Challenge for ICS, SCADA
Experts are concerned that many Linux-based industrial control systems and embedded systems could be too steep a patching challenge and remain in the crosshairs of the Bash vulnerability.
Bash Exploit Reported, First Round of Patches Incomplete
Reports of the first in-the-wild exploits targeting the Bash vulnerability have surfaced, as have complaints the first patches for the bug are incomplete.
Home Hacking Made Simple
David Jacoby looked at all of the Web-enabled devices in his house–TV, game console, network storage device–and found a handful of exploitable bugs in them.
Small Signs of Progress on DNSSEC
SEATTLE–DNS doesn’t have a lot of friends. It’s old, it’s kind of creaky and it has some insecurity issues. The few friends it has have tried to help it out in the last few years with the addition of DNSSEC, but that hasn’t gone so well, either. The Internet hasn’t been quick to adopt DNSSEC, […]
Researchers Work to Predict Malicious Domains
SEATTLE–A typical phishing or Web-based malware attack usually isn’t terribly complex. But they need a few things in order to work, and one of the key components often is a malicious domain. Researchers spend a lot of time identifying and taking these domains down, but some researchers now are trying to stay a step ahead […]
As Bug Bounties Become the Norm, Challenges Remain
SEATTLE–For many years, Microsoft and other large software vendors resisted the idea of providing bug bounties or other financial incentives for researchers to report vulnerabilities. That changed when the landscape began to shift and more researchers began reporting vulnerabilities through brokers or selling them on the open market. While bounties have now become commonplace, simply […]
Major Bash Vulnerability Affects Linux, UNIX, Mac OS X
A critical remote code execution vulnerability in Bash, present in almost all Linux, UNIX and Mac OS X deployments, has been discovered. Experts advise immediate patching.
More Trouble For jQuery As Second Compromise Reported
The website for JavaScript library jQuery is under attack for the second time in a week.
Health Insurance Marketplaces Could Improve Information Security
The marketplaces set up to provide health insurance to Americans under Obamacare are generally doing a good job of protecting personally identifiable information but can also improve security practices.