WELCOME TO THE WEEKEND ROUND-UP – WEB ATTACKS BUILD ON SHELLSHOCK BUG

29 Sep WELCOME TO THE WEEKEND ROUND-UP – WEB ATTACKS BUILD ON SHELLSHOCK BUG

Welcome to the Weekend Round-Up

Last week, millions of servers were compromised by Shellshock, with reports suggesting up to 500 million machines that could be vulnerable to the bug.

The Shellshock bug was first discovered in a tool known as Bash, which is widely used by Unix operating system and many of its variants including Linux open source software and Apple’s OSX. Security researcher Kasper Lindegaard from Secunia revealed that, Shellshock may pose more of a threat than Heartbleed bug as it gave attackers more control.

There are several factors that needs to be considered for a system to be vulnerable to it. The bug needs to be present on most Linux, BSD, and Unix-like system. In order to exploit this flaw, an attacker would need the ability to send a malicious environment variable to a program interacting with the network and this program would have to be implemented in Bash, or spawn a sub-command using Bash.

We have acted swiftly in light of this cyber threat and mitigated unauthenticated user attack capabilities to ensure our clients and staff are protected.  If you would like to know more or have Aware assess your systems, contact info@aware.co.th

News moves fast. Technology news moves even faster. Aware’s Weekend Round-Up will cover off any local and overseas news you may have missed over the weekend. Start your week off with a coffee and Aware’s Weekend Round-Up.