Shellshock’s direct consequences might not have been as catastrophic as other high-profile breaches and cyber attacks, the report authors admit, but it’s a persistent problem. For instance, in 2019, Talos found a worldwide state-sponsored espionage campaign referred to as “Sea Turtle” that manipulated DNS records to gain access to sensitive systems. The adversary relied on a number of vulnerabilities, including Shellshock, to gain initial access.
“Whereas different confirmed public examples of state-sponsored cyber actors focusing on Shellshock are restricted, it’s very likely that different superior actors have tried to use Shellshock,” says the report. Many well-known adversaries like the Russian state-sponsored group APT28 and the North Korean state-sponsored Lazarus Group exploit critical vulnerabilities in widely used software, making Shellshock a likely tool in their broader espionage and attack campaigns, say the authors.
Mitigating the threats
In the report, Talos offered its top 10 recommendations for securing network devices. It recommends: