The ShellShock bash vulberability on virtually all non-Windows platforms has been reported here previously (See ShellShock – the bash bug), but what about Windows? What about Windows, indeed. A cursory test using spoofed user-agent strings against an IIS webserver appeared to have no affect, though, so for now, at least for me, this seems to […]
Month – October 2014
In case you missed it, a USB exploit called BadUSB was announced at BlackHat this year. It unveils a method of re-writing the firmware of a USB device in such a way as to create undetectable, malware capable of anything, on Windows machines, MACs and Linux devices, and you don’t have any tools to stop […]
SuperValu Inc. has announced that the discovery of malware in it’s Point Of Sale (POS) systems for the second time. The first occurred during June and July of this year. SuperValu said in a news release on it’s web site that a new, different malware has been detected in the payment processing network which services […]
CryptoWall, the heavy-hitting file encryption malware, is back. This ransomware encrypts all the user files it can find – local hard drive, USB disk/stick, network shares, online backups – with industrial-strength encryption, and the master key is not discoverable. Bad news. A new variant is being spread via infected ads, which are being distributed by […]
Bash bug. We’re not talking about what to do when we find a cockroach – we’re talking about CVE-2014-6271/CVE-2014-7169, a remote vulnerability in what is arguably the most popular Unix/Linux command interpreter, and all versions of it since 1994 through…oh…now. This potentially allows virtually any hacker to get any (full) access to almost any non-Windows […]
Recent Comments