SafeUM
Home Blog Services Download Help About Recharge

Axarhöfði 14, 110 Reykjavik, Iceland

Iceland - 2015
SafeUM
Blog
Services
Download
Help
About
Recharge
Menu
Archive
#Shellshock
11 Dec 2014

Nine security predictions for 2015

It’s December, and in the security industry that means one thing: predictions from experts about what trends will emerge in the next year. As always, some stuff is new, while other items show up on these lists every year.

Criminal groups will increasingly adopt nation-state tactics. There are a couple of ways that I see this potentially working: the nation-state groups could work together with criminal groups towards a common goal. State groups could also contract their espionage activities out to criminal groups, that will use criminal tools and expertise to perform spying activities, steal intellectual property or gather intelligence about vulnerabilities. Below there are nine predictions from experts.

Read more
Tags:
Apple Heartbleed Shellshock WireLurker trends
Source:
Kaspersky Daily
2319
18 Nov 2014

Attackers ShellShock, take over devices running on BusyBox

ShellShock, the remote code execution bug affecting GNU Bash, the command interpreter present on many Unix systems and Linux distributions, is still being exploited by attackers.

Experts warn about attackers leveraging a new version of the Bashlite malware, which was initially created as a DDoS bot with brute forcing capabilities and exploits the ShellShock bug. The malware now targets both computers and other devices running on BusyBox, located on the same network. The BusyBox software provides a number of Unix tools in a single executable file, and was specifically developed for embedded operating systems with limited resources. 

Read more
Tags:
BusyBox information leaks ShellShock DDoS
Source:
Help Net Security
2388
30 Oct 2014

Shellshock exploits targeting SMTP servers

The persistence of the Shellshock vulnerability remains high more than a month after it first surfaced. The latest attacks involved SMTP servers belonging to web hosts. Attackers are using Shellshock exploits targeting the now infamous vulnerability in Bash in order to drop a perl script onto compromised computers.

The script adds the hacked computers to a botnet that receives its commands over IRC. The attack leverages Shellshock as a main attack vector through the subject, body, to, from fields. Once compromised, a perl botnet is activated and beaconing on IRC for further instructions.

Read more
Tags:
Shellshock SMTP Bash fraud information leaks
Source:
Threatpost
2037
14 Oct 2014

Multiple Polycom Products Affected by ShellShock Vulnerability

Polycom has published a security advisory listing several products that are vulnerable to the recently disclosed GNU Bash vulnerability dubbed "ShellShock." Polycom provides telepresence, video, voice and infrastructure solutions to 400,000 organizations worldwide.

The company says some of its products are still under investigation, but so far it has identified a dozen solutions plagued by the Shellshock bug. The ShellShock vulnerability can be exploited via four attack vectors. Depending on the vector, organizations can take steps to protect themselves before a patch is released by the vendor.

Read more
Tags:
ShellShock information leaks Polycom
Source:
Security Week
1828
3 Oct 2014

What is the Bash vulnerability and why it affects everyone

In what seems like the most impactful security vulnerability since the OpenSSL Heartbleed affair, a new Internet-wide bug emerged this week in the Bourne again shell (Bash).

While its true severity remains unknown, the Bash vulnerability (also known as “shell shock”) is being talked about everywhere, and you may have even seen your local news anchors discussing the story in front of a green-screen covered in fast-scrolling computer code on last night’s evening news. Bash is present in a very large number of Web-servers and in-home appliances. What is Bash?

Read more
Tags:
information leaks Bash Shellshock OpenSSL Heartbleed
Source:
Kaspersky Daily
Author:
Brian Donohue
2257
2 Oct 2014

Hackers are already using the Shellshock

With a bug as dangerous as the “shellshock” security vulnerability discovered yesterday, it takes less than 24 hours to go from proof-of-concept to pandemic. The shellshock attacks are being used to infect thousands of machines with malware designed to make them part of a botnet of computers that obey hackers’ commands.

And in at least one case the hijacked machines are already launching distributed denial of service attacks that flood victims with junk traffic, according to security researchers. The attack is simple enough that it allows even unskilled hackers to easily piece together existing code to take control of target machines.

Read more
Tags:
ShellShock information leaks
Source:
WIRED
2136
SafeUM NEWS
27 Apr 2017 safeum news imgage Encrypted Group Chat
4 Apr 2017 safeum news imgage Each SafeUM user gets free anonymous phone number
10 Mar 2017 safeum news imgage SafeUM useful features to help you feel safe
28 Sep 2016 safeum news imgage Secure Messenger SafeUM
21 Jul 2015 safeum news imgage New secured zone of Google Play: secure messenger SafeUM for Android. Download, Install, Communicate
3 Apr 2015 safeum news imgage We are beginning to test SafeUM for Windows Phone
25 Feb 2015 safeum news imgage SafeUM messenger is available for public testing
20 Feb 2015 safeum news imgage Algorithms and encryption schemes used for secure messenger SafeUM
30 Jan 2015 safeum news imgage New "TOP Security!" app is on the App Store
22 Jan 2015 safeum news imgage Free "TOP Security!" app is available on Google Play
28 Oct 2014 safeum news imgage How are security keys generated in SafeUM?
19 Jun 2014 safeum news imgage SafeUM is the best messenger for data protection and information security
16 Jun 2014 safeum news imgage Become a SafeUM tester and get free PREMIUM subscription for a year
12 May 2014 safeum news imgage Why Premium secure messenger SafeUM cannot be free
25 Apr 2014 safeum news imgage Encrypted secure messaging for every mobile device
All news
SafeUM
Confidential Terms of Use Our technologies Company
Follow us
Download
SafeUM © Safe Universal Messenger

Axarhöfði 14,
110 Reykjavik, Iceland

Iceland - 2015