Jaime Blasco

‘Shellshock’ Bug

October 4th, 2014

What is Shellshock Bug?

Attackers are exploiting critical, newly-disclosed security weakness present in countless networks and Websites that depends on Unix and Linux operating systems. According to the Experts, “Shellshock Bug,” is so tangled with the modern Internet that it could prove puzzling to find solution.

If the threat remains unchecked then in the short run it is likely to put millions of networks and countless consumer records at risk of exposure. There are lot of similarities between recent Heartbleed vulnerability because of its omnipresence and sheer potential for causing havoc on Internet-connected systems mainly websites. According to the reports, the issue lies in the GNU Bourne Again Shell (Bash), the text-based, command-line utility on multiple Linux and Unix operating systems.

Jaime Blasco, labs director at AlienVault, has been running a honeypot on the vulnerability since yesterday to emulate a vulnerable system.

“With the honeypot, we found several machines trying to exploit the Bash vulnerability,” Blasco said. “The majority of them are only probing to check if systems are vulnerable. On the other hand, we found two worms that are actively exploiting the vulnerability and installing a piece of malware on the system. This malware turns the systems into bots that connect to a C&C server where the attackers can send commands, and we have seen the main purpose of the bots is to perform distributed denial of service attacks.”

The OS vulnerability table can be given as:

Microsoft Windows users: No Impact

Linux and UNIX systems: Patches are available

Mac users: Vulnerable

Alertsec strengthens security

Alertsec has created a web based encryption service that radically simplifies deployment and management of PC encryption by using industry leading Check Point Full Disk Encryption (former Pointsec) software.

Organizations, especially corporate giants, have to have an information security policy in place that proves they have taken necessary steps and measures to safeguard the information they gathered. If these policies are not adhered to, the regulators may prosecute.

Alertsec Xpress is used by organizations that have recognized the need to protect their information. Customers range from single-user sole traders and consultants to multinational companies with a large number of offices around the globe. Over 4 million users worldwide use Alertsec Xpress’s Check Point Full Disk Encryption.