Starting yesterday we began seeing some known spam host trying to execute code via specially crafted email messages. We believe SANS also is reporting similar traffic but we have not confirmed this at this time.
One of the recent breaches we reported on seems to be the source of some of these messages but not all. We are in the process of conducting additional research and will release additional information later today.
ADDITIONAL READING:
http://www.fireeye.com/blog/technical/2014/09/shellshock-in-the-wild.html
http://www.tripwire.com/state-of-security/incident-detection/understanding-shellshock-attack-vectors/
http://www.csoonline.com/article/2689294/data-protection/six-key-defenses-against-shellshock-attacks.html
http://www.zdnet.com/shellshock-attacks-mail-servers-7000035094/#ftag=RSS4d2198e
http://threatpost.com/shellshock-exploits-targeting-smtp-servers-at-webhosts/109034
The purpose of this page is to provide awareness to individuals and organizations that are leaking information and the information of their customers. The entities listed on this site are verified to be leaking personal information sometimes without the company even being aware. SLC Security is now owned and operated by Jigsaw Security Enterprise. We are currently in process and as such this blog will eventually be taken offline and merged with Jigsaw Security resources.
No comments:
Post a Comment