It was bound to happen. A major bug targeting the Linux community, and not Windows users. Thanks to Trend Micro labs, here are some related resources that will bring you up-to-date with this latest threat.
- Shellshock: A Technical Report – this technical brief describes the vulnerability in detail, as well as outlying which platforms are affected. http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-shellshock.pdf
- Shellshock Exploit Attempts Continue in China – servers in China are also being targeted by Shellshock. http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-exploit-attempts-continue-in-china
- Shellshock Continues to Make Waves with Active IRC Bot – IRC bots are being spread via Shellshock, hitting approximately 400 systems. http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-continues-to-make-waves-with-active-irc-bot/
- Shellshock Updates: BASHLITE C&Cs Seen, Shellshock Exploit Attempts in Brazil – we analyze the location of C&C servers associated with a DDoS attack using this vulnerability. http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-updates-bashlite-ccs-seen-shellshock-exploit-attempts-in-brazil/
- Shellshock Vulnerability Used in Botnet Attacks – certain institutions are now being hit with DDoS attacks tied to botnets that spread via Shellshock. http://blog.trendmicro.com/trendlabs-security-intelligence/bash-bug-vulnerability-used-in-botnet-attacks/
- Shellshock – How Bad Can It Get? – we analyze possible scenarios how Shellshock can be exploited. http://blog.trendmicro.com/trendlabs-security-intelligence/shellshock-how-bad-can-it-get/
- Bash Vulnerability (Shellshock) Exploit Emerges in the Wild, Leads to BASHLITE Malware – within hours of disclosure, Shellshock exploits were in the wild. http://blog.trendmicro.com/trendlabs-security-intelligence/bash-vulnerability-shellshock-exploit-emerges-in-the-wild-leads-to-flooder/
- Bash Vulnerability Leads to Shellshock: What it is, How it Affects You – initial disclosure of the vulnerability in Bash and a discussion of our solutions. http://blog.trendmicro.com/trendlabs-security-intelligence/shell-attack-on-your-server-bash-bug-cve-2014-7169-and-cve-2014-6271/
The original blog post can be found here – http://blog.trendmicro.com/trendlabs-security-intelligence/summary-of-shellshock-related-stories-and-materials/
