Reuters
25.09.2014 – 10:26
A failure of recently discovered security software Linux widely used, known as Bash, could represent more threat to computer users Heartbleed error that arose in April, cybersecurity experts warned yesterday.
Bash is the software that is used to control the command line in many computers running Linux. Hackers can exploit a bug in Bash to take full control of a compromised system, security experts said.
The Heartbleed mistake allowed hackers to spy on computers, but not take control of them, said Dan Guido, CEO of security firm Trails of Bits.
“The method of exploiting this issue is much simpler. Simply copy and paste a line of code and get good results,” said.
Guido said it is considering a line drawn from non-essential servers to protect your company from attacks by Bash error until you can patch the software to correct the fault.
Tod Beardsley, engineering manager at cybersecurity firm Rapid7, warned that the error had a note of gravity “10”, which means it has maximum impact, and a “low” rating on operational complexity, which means it is relatively easy to use by hackers to launch attacks.
“When using this vulnerability, attackers can potentially take control of the operating system, access to confidential information, make changes, etc.” , Beardsley said. “Any systems that will occupy Bash should apply the patch immediately,” he added.
Heartbleed, discovered in April, is an error in an open source encryption software called OpenSSL. The ruling jeopardized the data of millions of people, because OpenSSL is used in nearly two thirds of all websites. He also forced a dozen launch technological security patches for hundreds of products using OpenSSL companies.
ADVERTISING
No comments:
Post a Comment