The cyber world continues to react to Shellshock. Various patches and preventive measures have been released, all of them so far incomplete, but better than nothing. Apple promises a patch to address the Bash bug even as it seeks to reassure OS X users that most of them remain safe. Various web-application firewall and intrusion detection system vendors have updated their products with rules designed to ward off exploitation. Analysts advise taking prompt, prudent action to protect your systems, but recognize that closing this vulnerability will be a labor-intensive process requiring long-term attention to fixes under development.
Shellshock is already being exploited in the wild, with the first reports of malicious activity surfacing within a few hours of the bug's disclosure (AusCERT was among the first to sound warnings). Kaspersky detected reverse-shell exploits, and AlienVault's honeypot picked up two attempts to use the vulnerability to assemble botnets.
BlackEnergy malware, found in attacks against Ukrainian government systems, shows a striking convergence of the political and the criminal in its employment. Some observers are calling it "privateering" with Russian attack tools. The Russian government continues to spook its neighbors, warning Latvia that it would be wise to treat its ethnic Russian minority well. (The Netherlands, at least, draws a public lesson from Russian policy, avowing a Dutch offensive cyber capability as a common-sense military measure.)
Middle Eastern cyber combatants maintain their focus on information operations.
Malvertising rises in the ranks of cyber threats, with some seeing it eclipsing exploit kits.
A note to our readers: We began publishing the CyberWire in September 2012, and today marks our second anniversary. Thanks to all of you for following and subscribing to the CyberWire. Thanks especially for your many supportive emails, tweets, and face-to-face talks. We hope to continue delivering what we promised two years ago: a relevant and intelligently organized daily digest of the critical news happening across the global cyber security domain.