First we had Heartbleed, now we're shellshocked

01 Oct 2014

Security companies are continuing to warn businesses to ensure they have patches in place across all vulnerable systems, following the discovery of yet another security bug, this time dubbed Shellshock.

The vulnerability was discovered last week and affects systems running several versions of Linux and Unix operating systems, including Mac OS X, and some routers and internet of things devices.

As Shellshock is related to Linux, it can affect both PC and Apple platforms.

Trend Micro says the vulnerability – also known as the Bash Bug because it is a bug in the Unix Bash shell – is a ‘potentially plague-like’ vulnerability that can exploit command access to Linux-based systems constituting around 51% of web servers worldwide.

“Because of the pervasiveness, attacks against it could grow at a very fast pace.

“The recent Heartbleed vulnerability is similar in nature to Shellshock, but Heartbleed is dwarfed by the extent and reach of this new vulnerability.”

Reports quickly emerged of Shellshock-related attacks internationally, with attacks leveraging the Bash bug vulnerability ranging from botnet attacks to IRC bots.

Trend Micro’s Geoff Prentis says there hasn't been much nefarious scanning for vulnerable systems across Australia and New Zealand, and little disclosure as yet of any malicious attacks.

However, he warns companies still need to be wary and ensure patching across all internet-facing servers.

Website operators are also warned to patch ASAP if Bash is in the script, or rescript away from Bash.

Prentis says there is ‘huge exposure’ for cloud; however, he says ‘a lot’ of cloud providers moved ‘extremely quickly’ to protect themselves from the exploit.

He says it is key for any systems in the cloud to make sure they have protection such as an Intrusion Prevention System running inside their cloud environment, and that patches are quickly updated.

Because patching takes time, he suggests network forensics also be put to use.

Symantec said last week that the vulnerability could allow attackers to not only gain control over a targeted computer if exploited successfully, but could also provide them with access to other computers on the affected network.

Patches have been steadily released since the discovery of the vulnerability, with Apple today releasing a patch for OS X 10.9 Mavericks, OS X 10.8 Mountain Lion and OS X 10.9 Lion.

While other organisations such as Google and Amazon were quick to issue statements about steps they had taken to address the vulnerability, Apple initially downplayed the risk to consumers, saying OS X systems ‘are safe by default’ and not exposed to remote exploits of Bash unless users configure advanced Unix services.

Prentis says the threat is a ‘mixed bag’.

“In the consumer space, exposure is not so large because consumers are less likely to be running web servers or the Linux platform.

“However, in the enterprise space, organisations need to go through a process of incident response.”
