4/15/2023 0 Comments Shellshock live paperIn looking at data protection, we now expect high-profile threats to be exploited almost immediately after the public release of an exploit Shellshock was no exception. When all is said and done (well, sort of - the threat never really goes away), we take a deeper look at the data. There is no time for us to “ooh” and “aah” at wondrous charts or bask in the beauty of a glorious trend line. Who can blame them for wanting to narrow their attack surface? Outside of this activity, we investigated several interesting vectors used to target this vulnerability, including email reconnaissance, perlbot password-grab attempt, perl reverse shell and mayhem malware installer.ĭuring the beginning stages of an incident, security groups spend most of their energy putting out fires and working quickly to research, respond and mitigate the threat. This data is often used by attackers to identify vulnerable systems. The majority of the attacks source from the well-known search engine Shodan.io probing and cataloging vulnerable systems. With all this data to analyze, my colleagues and I shared some of our thoughts in a research and intelligence paper titled “ Shellshock.” When it comes to data, more is a good thing, and analysts such as myself become giddier when there are massive amounts of data to play with. Sometimes, having more results in a positive outcome (such as more canned foods during a food drive) and sometimes, having more results in a negative outcome (such as more rain in a flood zone). Who came up with the notion that less is more? In terms of data protection, I’m pretty sure that more is more.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |