09/30/2014

Shellshock or Bashbug : the 5 essential things you have to know (or don't want to know)

what you have to know (forget the hundreds of articles that are polluting the internet and hiding the essential information)

1. the code we are talking about is 22 years old and has been written without keeping into mind any standard or control or securitytest or whatever

if you can't replace it you are in big trouble

2. the attacks have started the 2nd of september, the vulnerability was discovered around the 10th and the patching started 2 weeks later (and will be an ongoing process)

there are for the moment millions of scans and attacks going on so if you have a reason to worry about your infrastructure or data, than you should follow this up

if you don't have an IPS and WAF you are just naked, waiting to be raped digitally by some attackers

3. we are now at our 2nd patch because the first wasn't working but at the same moment we are for the moment at 6 official vulnerabilities of which 2 are SECRET (which doesn't mean that they aren't being used for the moment but it is better to keep them secret for the time being before they become common knowledge of the attackers)

you should receive a permanent immediate update from your essential information sources for your products and the general internet security sources like https://isc.sans.org because the situation can change or calm down at first to explode afterwards at any moment (as you are reading this)

4. there is for the moment not much coordination so information is going around at an ever increasing speed and not everybody understands the difference between the different kinds of attacks, vulnerabilities, exploits and that a vulnerability that even if it can be attacked doesn't mean that it always can be exploited

5. there is nothing like this and we are not prepared because you can't be prepared for situations like this, you can only try to limit your risks. People who have put everything on the cloud and thought that cheaper opensource products were better than products with some support behind it will now get value for their money. A Return on Investment of a million against one

Expect everything because everything is possible (with up to half a billion machines that eventually could be attacked and even if only 3% can be exploited this makes an enormous base for botnets and malware)

and my last thought is

which opensource code is next ?

more links at

https://www.diigo.com/list/mailforlen/Security/6n0ke5g 

Rss feed is here https://www.diigo.com/rss/list?u_name=Mailforlen&uri=...

Permalink | |  Print |  Facebook | | | | Pin it! |

The comments are closed.