Yahoo Claims a Server Attack was not the Shellshock Bug

Yahoo Claims a Server Attack was not the Shellshock Bug

Yahoo Claims a Server Attack was not the Shellshock BugYahoo has fixed a bug in their system which was initially discovered by hackers who were attempting to exploit the Shellshock bug on the company’s network. According to a report, Yahoo made a statement issuing the attack.

“Earlier today, we reported that we isolated a handful of servers that were detected to have been impacted by a security flaw,” said Alex Stamos, Yahoo’s chief information security officer. “After investigating the situation fully, it turns out that the servers were in fact not affected by Shellshock.”

Yahoo was originally notified of the attack by Johnathan Hall, senior engineer and president of security consulting firm Future South Technologies, in a blog post.

Servers used by Yahoo to stream sports were targeted by hackers trying to find vulnerabilities for the Shellshock bug, but instead the code they used happened to work in a different way and prompted an intrusion quickly after Yahoo patched their servers for Bash, a command interpreter bug.

Stamos has reiterated the fact that no user data was stolen or corrupted. Hall however, feels differently. “I am flat out accusing Stamos, and Yahoo, of being dishonest and inaccurate in their reports of this breach, as well as being grossly negligent to their users and shareholders by releasing inaccurate and misleading information,” said Hall.

About the Author

Matt Holden is an Associate Content Editor for 1105 Media, Inc. He received his MFA and BA in journalism from Ball State University in Muncie, Indiana. He currently writes and edits for Occupational Health & Safety magazine, and Security Today.

Featured

Featured Cybersecurity

Webinars

New Products

  • HID Signo Readers

    HID Signo Readers

    HID Global has announced its HID® Signo™ Biometric Reader 25B that is designed to capture and read fingerprints in real-world applications and conditions. 3

  • Kangaroo Home Security System

    Kangaroo Home Security System

    Kangaroo is the affordable, easy-to-install home security system designed for anyone who wants an added layer of peace of mind and protection. It has several products, ranging from the fan-favorite Doorbell Camera + Chime, to the more comprehensive Front Door Security Kit with Professional Monitoring. Regardless of the level of desired security, Kangaroo’s designed to move with consumers - wherever that next chapter may be. Motion sensors, keypads and additional features can be part of the package to any Kangaroo system in place, anytime. Additionally, Kangaroo offers scalable protection plans with a variety of benefits ranging from 24/7 professional monitoring to expanded cloud storage, coverage for damage and theft. 3

  • XS4 Original+

    XS4 Original+

    The SALTO XS4 Original+ design is based on the same proven housing and mechanical mechanisms of the XS4 Original. The XS4 Original+, however, is embedded with SALTO’s BLUEnet real-time functionality and SVN-Flex capability that enables SALTO stand-alone smart XS4 Original+ locks to update user credentials directly at the door. Compatible with the array of SALTO platform solutions including SALTO Space data-on-card, SALTO KS Keys as a Service cloud-based access solution, and SALTO’s JustIn Mobile technology for digital keys. The XS4 Original+ also includes RFID Mifare DESFire, Bluetooth LE and NFC technology functionality. 3