links of the day 09/29/2014 (p.m.)

• What's Behind Apple's iOS 8 Update Disaster

• inurl:/cgi-bin/ site:be login - Google Search

• shell shock - Google Search

• Protect Your Personal Devices from Shellshock - Trend Micro USA

• Shellshock BASH Vulnerability Tester

• Shellshock Bug: 6 Key Facts - InformationWeek

• Shellshocked: A Future Of 'Hair On Fire' Bugs

• Limitless Keylogger Optimized with AutoIT Infected thousands of Computers

• Hacking any eBay Account in Just 1 Minute

• The Pirate Bay Runs on 21 "Raid-Proof" Virtual Machines To Avoids Detection

• The Fappening 3 — Jennifer Lawrence New Nude Photos Leaked Online

• Grabbing the Heartbleed Vulnerability by the (Long) Tail

• How Bash Shellshock Bug Could Have Been Avoided Seven Years Ago

• (1520 unread) - mailforlen - Yahoo Mail

• Bash shell 'Shellshock' flaw opens OS X, Linux, more to attack, called 'bigger than Heartbleed'

• Information Security: Bash-ing Into Your Networ... | SecurityStreet

• 'ShellShock' Bash Vulnerability CVE-2014-6271 Test Tool

• ShellShock Tester

  we can't be sure

• inurl:/cgi-bin/ site:be - Google Search

• How to DDoS through Facebook Datacenter with almost 1Gbps. They’ve started to care! | Cyber Security Research Center from Romania

• Cyber Security Research Center from Romania

• BashSmash/Shellshock (CVE-2014-6271) Website Check

• Protecting Yourself Against Shellshock - Check Point Software TechnologiesCheck Point Software Technologies

• oss-sec: Re: CVE-2014-6271: remote code execution through bash (3rd vulnerability)

• zaf/sipshock · GitHub scanner for shellshock SIP proxies

• mhn mondern honeypot network

• ShockPot, the intelligence driven defense against ShellShock

• Errata Security: The shockingly obsolete code of bash

• How to Protect your Server Against the Shellshock Bash Vulnerability | DigitalOcean

• 3D Bioprinting: Human Organs On-Demand

• Cyber Threat Landscape: Attackers and Operations

• Bashed and Shellshocked: Early Reports of Exploitation in the Wild

• Shellshock, The Latest Mac OSX and Linux Vulnerability—And What It Means For You | Norton Community

• MFSA 2014-73: RSA Signature Forgery in NSS

• Is The Internet On Fire?

• hannob/bashcheck · GitHub

• Shellshock in the Wild | FireEye Blog

• Twitter / Search - #shellshock

• lcamtuf's blog: Quick notes about the bash bug, its impact, and the fixes so far

• make your Apple Safe from Shellshock: How to protect your home computer from the Bash shell bug | PCWorld

• Two scenarios that would make OS X vulnerable to the Shellshock bug | PCWorld

• bug-bash (thread)

• The Shellshock command security flaw isn't really fixed yet

• Frequently Asked Questions about the Shellshock Bash flaws | Red Hat Security

• Bash specially-crafted environment variables code injection attack | Red Hat Security

• Major Bash Shell Vulnerability Affects Linux, UNIX, Mac OS X | Threatpost | The first stop for security news

• Threat Spotlight: “Kyle and Stan” Malvertising Network Threatens Windows and Mac Users With Mutating Malware

• Update on CVE-2014-6271: Vulnerability in bash (shellshock) - Internet Security | SANS ISC

• [PentesterLab] Learn Web Penetration Testing: The Right Way

• attack code for CVE-2014-6271 - Pastebin.com

• Ok, shits real. Its in the wild... src:162.253.66.76 shell shock attack code

• InfoSec Handlers Diary Blog - Update on CVE-2014-6271: Vulnerability in bash (shellshock)

• Attention *NIX admins, time to patch! - Internet Security | SANS ISC

  "/cgi-sys/defaultwebpage.cgi"

• Official jQuery Blog | New Wave Javascript atacked

• jQuery.com Compromise: The Dangers of Third Party Hosted Content - Internet Security | SANS ISC

  "http://blog.jquery.com/2014/09/23/was-jquery-com-compromised/"

• InfoSec Handlers Diary Blog - jQuery.com Compromise: The Dangers of Third Party Hosted Content

• Fake LogMeIn Certificate Update with Bad AV Detection Rate - Internet Security | SANS ISC

  .scr attachments in fact

• inurl:/cgi-sys/defaultwebpage.cgi site:be - Google Search

• Shellshock – CVE-2014-6271 – Exploits in the Wild | NI @root

• Exploiting Shellshock/Bashbug with a single ICMP packet. | NI @root

• NI @root | Network Infiltration Group

• http://blogs.cisco.com/wp-content/uploads/updated_kyle_and_stan3.txt

• http://blogs.cisco.com/wp-content/uploads/updated_kyle_and_stan2.txt

• http://blogs.cisco.com/wp-content/uploads/updated_kyle_and_stan.txt

• Threat Spotlight: “Kyle and Stan” Malvertising Network 9 Times Larger Than Expected

• Kyle and Stan Malvertising Network Nine Times Bigger | Threatpost | The first stop for security news

• Travel Site Viator Claims 1.4 M Implicated in Breach | Threatpost | The first stop for security news

• Dan Walsh's Blog - What does SELinux do to contain the the bash exploit?

• Attackers exploiting Shellshock (CVE-2014-6721) in the wild | AlienVault

• filetype:sh inurl:cgi-bin - Google Search

• filetype:sh inurl:cgi-bin - Google Search

• inurl:/cgi-sys/entropysearch.cgi - Google Search

• Website Security - Bash "Shell Shock" Vulnerability Impacts CPANEL Users | Sucuri Blog

  "/cgi-sys/FormMail-clone.cgi"

• Internet Storm Center - Internet Security | SANS ISC

• Bash Vulnerability Exploits Dropping DDoS Bots | Threatpost | The first stop for security news

• The echo of Stuxnet - Securelist

• Shellshock and its early adopters - Securelist

• The Epic Turla Operation - Securelist

• Internet predators - Securelist

• “Bash” (CVE-2014-6271) vulnerability – Q&A - Securelist

• Patching Bash Vulnerability a Challenge for ICS, SCADA | Threatpost | The first stop for security news

• Permalink to Apple: OS X Safe By Default Against Bash Vulnerability

• Environment Bashing - The Akamai Blog

Posted from Diigo. The rest of my favorite links are here.