The invasion is on! All over the planet Earth, people, vendors, companies, and governments are scrambling to stop the attacks from the GNU Bash Shellshock Bug.
Like some rampaging menace from another world, this bug invasion has everyone looking for patches and such to fix the holes in the software. The first wave of the invasion began when the attackers swarmed in, creating DDoS botnets managed over IRC; these were followed by reconnaissance attempts in China and Brazil. The invaders looked for the IPs of a number of financial and other institutions, and once businesses had fallen under the inscrutable eye of the attackers, they would then ask the target servers for whatever information they could get about the configuration of that entity’s computer systems, such as OS, processor, etc.
Like ants gathering food and materials for the winter, these attacking invaders are gathering up data for future incursions where they’ll steal from banks, people, governments, and more.
Cisco Systems has reportedly put out an advisory that spotlights a number of its networking products that it feels are vulnerable. Cisco has posted updates on the vulnerabilities, where patches and remedies can be found. In addition, Cisco has provided Snort and IPS signatures that are said to be able to detect and stop the attacks at the network level. This should halt the little buggers in their tracks before they can reach one’s system.
Oracle has issued a security alert that details its products’ vulnerabilities. The company has provided patches for its affected systems and recommends that users check regularly for updates. They claim to be working on the problem to ensure that any further incursions will be handled properly.
Delving further into this debacle to help explain the issue is Chet Ramey, the current GNU Bash maintainer. Ramey states that, over the past weekend, their new patch fixing two vulnerabilities, CVE-2014-7169, and CVE-2014-7169, became ready to download and use. He gives credit to Red Hat for developing the patch, which also fixes two other vulnerabilities, CVE-2014-6277 and CVE-2014-6278.