Bashed and Shellshocked: Early Reports of Exploitation in the Wild

September 25, 2014 • Matt Kodama

Lots of IT security teams are at work right now to patch the Shellshock vulnerability (CVE-2014-6271) ASAP – while keeping an eye on their threat intelligence sources for exploitation in the wild. And the reports are coming in…

One of the first reports via GitHub identified the IP 162.253.66.76 as the source of suspicious activity. We took a quick look in our OSINT archive, using Maltego, to make an initial assessment. Pentester scanning? Malicious? Looks like the latter.

Shellshock Assessment Using Maltego

On a Recorded Future timeline, reports of suspicious activity involving this IP address, and of it being blocked, date back to early September.

Shellshock-Associated IP Address Timeline

Here’s the view a few hours later, when many other authors on the web were linking this IP address to Shellshock.

Shellshock Assessment Using Maltego

Time to patch!
