Dark Reading

'Shellshock' Bash Bug Impacts Basically Everything, Exploits Appear In Wild

"Shellshock," the critical remote command execution Bash bug disclosed yesterday, is now being exploited in the wild. Some affected software companies have released patches (which only partially fix ...
JD Supra

Federal Financial Regulators Issue Warning on ‘Shellshock’ Security Vulnerability

The Federal Financial Institutions Examination Council (FFIEC) recently issued an alert warning financial institutions of a security vulnerability nicknamed “Shellshock” in software commonly used in ...
CSOonline

Shellshock Bash vulnerability being exploited in the wild, Red Hat says patch incomplete

On Wednesday, AusCERT and MalwareMustDie reported that Shellshock is being exploited in the wild. Shellshock is the name given to a vulnerability that exists in GNU Bash versions 1.14 through 4.3.
PC World

OpenVPN servers can be vulnerable to Shellshock Bash vulnerability

Virtual private network servers based on OpenVPN might be vulnerable to remote code execution attacks through Shellshock and other recent flaws that affect the Bash Unix shell. The OpenVPN attack ...
Ars Technica

A Georgia election server was vulnerable to Shellshock and may have been hacked

Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full ...
Computerworld

Shellshock flaw roils Linux server shops

A long-standing vulnerability unearthed in the GNU Bash software, nicknamed Shellshock, has disrupted the daily activities of the Linux system administrator community, as Linux distributors, cloud ...
Dark Reading

Why Shellshock Remains a Cybersecurity Threat After 9 Years

The Shellshock vulnerability got a lot of attention when it was first disclosed in 2014 — both from the media and security teams. While that attention has waned in subsequent years, the Shellshock ...