Sunday, October 26, 2014

Shellshock via email? You bet'cha - UPDATED

Starting yesterday we began seeing some known spam host trying to execute code via specially crafted email messages. We believe SANS also is reporting similar traffic but we have not confirmed this at this time.

One of the recent breaches we reported on seems to be the source of some of these messages but not all. We are in the process of conducting additional research and will release additional information later today.

ADDITIONAL READING:
http://www.fireeye.com/blog/technical/2014/09/shellshock-in-the-wild.html

http://www.tripwire.com/state-of-security/incident-detection/understanding-shellshock-attack-vectors/

http://www.csoonline.com/article/2689294/data-protection/six-key-defenses-against-shellshock-attacks.html

http://www.zdnet.com/shellshock-attacks-mail-servers-7000035094/#ftag=RSS4d2198e

http://threatpost.com/shellshock-exploits-targeting-smtp-servers-at-webhosts/109034

No comments:

Post a Comment