• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   shellshock

One Year After Shellshock, Are Your Servers and Devices Safer?

  • Posted on:September 24, 2015 at 7:04 am
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
0

Security researchers were the first to respond during the Shellshock attacks of 2014. After news of the fatal flaw in the prevalent Bash (Bourne Again Shell)— found in most versions of the Unix and Linux operating systems as well as in Mac OSX —was released, researchers started looking into how it can be used against affected web…

Read More
Tags: bashBASHLITEshellshock

Remembering the Vulnerabilities of 2014

  • Posted on:January 14, 2015 at 5:20 pm
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Pawan Kinger (Director, Deep Security Labs)
0

With the New Year celebrations safely behind us, it’s time to look forward and plan for 2015. Before we can do that, however, we need to spend a few minutes to remember the vulnerabilities of 2014 and what we can take away from these. Every year there are several zero-days and tons of undisclosed vulnerabilities fixed…

Read More
Tags: AdobeCVEExploitsHeartbleedMicrosoftPOODLEshellshockVulnerabilities

Patches Not Cure-all for Shellshock

  • Posted on:December 23, 2014 at 12:05 am
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
0

Earlier this year, Linux system administrators all over the world had to deal with the Shellshock vulnerability, which could lead to malicious code being run on Linux systems. Servers running various web services were at particular risk. By now, most major distributions have been able to release patches that upgraded the vulnerable bash shell to versions not affected…

Read More
Tags: bashbash bugIDSLinuxpatchingshellshockwhitelisting

Bash Bug Saga Continues: Shellshock Exploit Via DHCP

  • Posted on:October 8, 2014 at 3:08 pm
  • Posted in:Exploits, Vulnerabilities
  • Author:
    Akash Sharda (Vulnerability Researcher)
0

The Bash vulnerability known as Shellshock can be exploited via several attack surfaces including web applications, DHCP, SIP, and SMTP. With multiple proofs of concept (including Metasploit code) available in the public domain, this vulnerability is being heavily exploited. Most discussion of Shellshock attacks have focused on attacks on web apps. There has been relatively…

Read More
Tags: Bash vulnerabilityDHCPLinuxshellshockvulnerability

Shellshock Vulnerability Downloads KAITEN Source Code

  • Posted on:October 5, 2014 at 11:55 am
  • Posted in:Exploits, Mac, Malware, Vulnerabilities
  • Author:
    Trend Micro
0

Since the discovery of Shellshock, Trend Micro has continuously monitored the threat landscape for any attacks that may leverage these vulnerabilities. So far, we have identified an active IRC bot, exploit attempts in Brazil and China, botnet attacks, and a wide variety of malware payloads such as ELF_BASHLITE.A, ELF_BASHLET.A, and PERL_SHELLBOT.WZ among others.  It is reported that…

Read More
Tags: bash bugExploitKAITENshellshockVulnerabilities
Page 1 of 3123

Security Predictions for 2020

  • Cybersecurity in 2020 will be viewed through many lenses — from differing attacker motivations and cybercriminal arsenal to technological developments and global threat intelligence — only so defenders can keep up with the broad range of threats.
    Read our security predictions for 2020.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

Sorry. No data so far.

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.