Categories
Industry Insights IT Solutions Managed IT Services

365 iT SOLUTIONS on BNN and CTV regarding Shellshock virus

Are you worried about the Shellshock virus bug? You should be if you want to protect yourself and business.

Eric Neufeld, Technical Services Manager from 365 iT SOLUTIONS, has been featured on the BNN and CTV regarding the latest threat “Shellshock virus” bug.

 

  • Business Network News (BNN) video: “Thwarting cyber-attacks, the rising importance of Chief Information Officers.

Click here for full video on Business Network News (BNN).

 

  • CTV News video: “Shellshock virus bug: How can you protect yourself?”

Click here for full video on CTV News.

________________________________________________________________________________

Limit your exposure

Because cyber security experts are still trying to figure out Shellshock virus and the full scope of the threat remains unclear.  The biggest threat it poses right now is to servers because it affects the operating system on which they run: Linux.  If a server is being hacked, there’s not much a layperson can do about that aside from using security best practices, like using a password manager to keep different passwords with different web services.

365 iT SOLUTIONS is a leading IT consulting firm in Toronto. We provide industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Take advantage of our Complimentary Network and Security Assessment by 365itSolutions.com

 

 

Categories
Industry Insights IT Solutions Managed IT Services

How to protect yourself from Shellshock Bash bug

 

Leading security experts are extremely worried about a new security vulnerability and everyone is expecting to it to be worse than the Heartbleed virus.

It currently carries three names called “Bash”, “Shellshock Bash bug” and “Shellshock”.  This is the user interface that accesses operating systems like Command Prompt and affects Linux, UNIX and Apple’s OS X.

 

Full Story – Read More: Here Comes “Shellshock”, Largest Vulnerability Found

 

So now there are two general questions regarding the latest threat “Shellshock Bash bug”?

  1. How can you protect yourself the Shellshock Bash virus?
  2. How can you avoid the Shellshock Bash virus?

Bad news is there currently is no special tool or patch that’ll keep you protected from Shellshock.

Good news is that all you have to do is apply a little common cyber security procedures.

 

  • Keep OS X, UNIX and Linux up to date

Yes its true, Apple is not safe.  The Shellshock Bash virus is capable of infecting Apple computers running OS X and any machine running Linux which is basically based on UNIX.  It’s important to keep your operating system up to date to ensure that it has the latest security patches installed.

  • Backup your data and patch

To reduce risk, you should immediately patch or update your systems.  This applies to servers and workstations such as Apple MacBook’s and Mac Pro desktop computers.  Since it affects both client and servers, this could lead to data leakage directly from computers.

Following industry best practices, you should ensure that all data is backed up regularly.

 

  • Use a Password Manager

Always use long complex passwords for all website and networks.  Use different passwords for each site you access as it will maximise your security and limit your security risk.

 

  • Do NOT open suspicious links

Simple rule. If you do not know it, do not click it. Simple. If you were not expecting an email, don’t open it. Do not rely on hovering over the link to see the URL as hackers are becoming more sophisticated at spoofing legitimates URLs in order to infect with malware.

 

Always remember the number one rule.  Make sure your antivirus software and firewall is up to date!

 

________________________________________________________________________________

 

365 iT SOLUTIONS is a leading IT consulting firm in Toronto. We provide industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Take advantage of our Complimentary Network and Security Assessment by 365itSolutions.com

Categories
Industry Insights IT Solutions Managed IT Services

Here Comes “Shellshock”, Largest Vulnerability Found

 

Experts expect more than 500 million computers could be affected thanks to “Shellshock”.

A very serious flaw in one of the most basic functions of OS X, Linux and UNIX was revealed and patched today by software developers.  The command-line (a.k.a bash) interface for UNIX systems, allows injection of malicious code, code following commands and automatic executes without verifying it.  The most recent patch prevents that code execution.

Bash is widely used and it is the default shell for OS X and most distributions of Linux including many Linux server builds.  This threat is larger than the recent Heartbleed threat.

Back in April 2014, an examination of the OpenSSL code library used to secure thousands of websites revealed a big security flaw that has existed for more than two years and IT consultants worldwide are still cleaning up after the “Heartbleed” bug.

Today’s Bash bug also known as “Shellshock” is an old exploit as Heartbleed.  Unlike Heartbleed which only affected a certain version of OpenSSL, Shellshock has been around for long time.

Microsoft Windows users can bypass the graphical-user interface and communicate more directly with the computer using a DOS-like text screen whereas users of UNIX-like systems can drop into the command line and run code more efficiently using only text-based commands.

UNIX and Linux systems using the command line is necessary to update software and perform anything more than basic functions.   There are several competing command-line-interface systems for UNIX-like systems and most can be used interchangeably.  Bash is used by user-like processes within the operating system to interact with other processes.

Red Hat has already released its own patches that fix this flaw.

There don’t appear to be any exploits related to this bug yet but the flaw offers an opportunity for attacks on OS X and desktop Linux, not to mention countless server builds.

There is no updates at the moment for Apple, Ubuntu, Mint, Debian or other Linux systems however if they launch updates this week, be sure to install them immediately.

________________________________________________________________________________

365 iT SOLUTIONS is a leading IT consulting firm in Toronto. We provide industry leading Managed IT ServicesIT Support ServicesIT Outsourcing ServicesTech Support Services and Cloud Services.

Take advantage of our Complimentary Network and Security Assessment by 365itSolutions.com