Most of all such attacks took place on the territory of the United
States or China. Since the discovery of a critical vulnerability ShellShock ,last
week occurred a tremendous amount of cyber attacks that exploit this flaw. It
was stated in the blog of Incapsula company.
According to Incapsula, within a few days after the discovery of the
breach firewalls reflected over 217,000 attempts to exploit ShellShock on more than 4100 domains.
Nevertheless, the company believes that the total number of attacks may exceed
one billion.
Almost 900 IP-addresses of each country in the world used to carry out
attacks recorded by experts Incapsula. In most cases, attacks made on the territory
of the United States or China - in the first 24 hours after the discovery of
the vulnerability for more than half of all attacks are carried out from the
territory of these countries.
68% of all cyber attacks carried out over the past four days, they exploited
a gap in the shell Bash. Only 6% of these attacks used automated tools of the
attacks - in other cases, hackers tried
to exploit gap to make more dangerous attacks.
The vulnerability ShellShock, which was assigned as an identifier
CVE-2014-6271, was fixed pretty quickly. However, after the elimination of gaps
were found out several vulnerabilities
such as ID CVE-2014-7169, CVE-2014-7186 and CVE-2014-7187. Currently, there are
updates that are correcting all the above mentioned gaps.
Source: securitylab.ru
No comments:
Post a Comment