The ‘ShellShock’ continues…

Recent news indicates that Yahoo servers were breached by a Romanian hacker group along with Lycos and WinZip.

Yahoo advises that no user information was exposed and they claim that the servers were not affected by ShellShock.

According to the comments by the Yahoo CISO, malicious code was executed on the servers by attackers looking for ShellShock vulnerable hosts.

The attackers modified the ShellShock exploit and were running scripts that happened to match a vulnerability in some of the Yahoo Sports APIs.

The main concern here is that ShellShock may only be the beginning, the door that was shut, is now wide open.

The exploit for this vulnerability seems to be a good base for other exploits that in turn can cause major headaches to all IT Security professionals, especially those with old Unix implementations either as servers or embedded devices such as storage controllers.

Anyway enough of this ShellShock banter. Let’s talk about one of our old favourites and purveyors of many a security vulnerability, step forward: Adobe.

Adobe has announced (or admitted) that the Digital Editions version of its software communicates what you are reading back to Adobe HQ, unbelievably in unencrypted HTTP packets, in the name of piracy protection. Not only does this sort of privacy invasion suck, but you have to wonder what else Adobe has planned, not to mention what this ‘functionality’ could be talked into doing by the bad guys if the product was exploitable, which it is almost certain to be.

Enterprise managers using Adobe tools for secret business documents should look into this and have a strategy for locking them down.

ITC’s NetSure360° managed security service offers monitoring, detection, alerting and protection against unwanted apps or vulnerabilities, and can stop/restrict network access for rogue devices, or devices running naughty, nasty applications (including the full Adobe suite!). If you would like to find out more about our services, please contact [email protected] or call 020 7517 3900