Shellshock Spreads to Email
A report at the SANS website has raised alarms that attackers have learned to exploit the dangerous Shellshock bug, which makes any system running an unpatched version of the Bash shell vulnerable to attack, through SMTP email services. The InfoSec Handlers Diary Blog states, “I’ve received serveral reports of what appears to be shellshock exploit attempts via SMTP. The sources so far have all been webhosting providers, so I’m assuming these are compromised systems.” The post shows an infected header.
According to the report, the payload is “… an IRC bot with simple DDoS commands and the ability to fetch and execute further code.”
Yet one more reason to PATCH YOUR SYSTEMS …
Related content
- Bash Shellshock Bug Causes Attacks Around the World
- A Massive Rise of Linux XorDdos Malware Has Been Reported
-
Tested – Tenable Nessus v6
To ensure your servers and workstations are well protected against attacks on your network, you need a professional security scanner. In version 6, Tenable has substantially expanded its Nessus vulnerability scanner. We pointed the software at a number of test computers. - Dangerous New Attack Could Compromise One Third of All HTTPS Servers
-
Protect yourself from infected MS Office files
Attacks on Microsoft Office files are increasing. A multilayered approach is your best protection against this malware.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
