Connecting to LinkedIn...



Bash Bug Security Threat 'Bigger Than Heartbleed'

25/09/2014 by


A security bug, known as Bash or Shellshock, has been discovered that could pose a bigger threat than the infamous Heartbleed bug that wreaked havoc on computer systems earlier this year.

The vulnerability stems from the Bourne Again Shell (Bash) command line used in many Linux and Unix operating systems, commonly found in major servers and devices connected to the internet-of-things.

"Using this vulnerability, attackers can potentially take over the operating system, access confidential information, make changes, etc," said Tod Beardsley, an engineer at security firm Rapid7. "Anybody with systems using Bash needs to deploy the patch immediately."

Beardsley warned that the Bash bug had the highest severity rating of "10" and had a "low" complexity rating, meaning hackers could launch massive attacks with relative ease.

Another security expert, Robert Graham, claimed that the bug was "bigger" than Heartbleed. In April, the Heartbleed bug left millions of systems vulnerable through a flaw in the OpenSSL.The bug resulted in major cyber thefts, including the personal details of Canadian tax payers, members of Mumsnet and owners of Android smartphones and tablets.

Graham believes the Bash bug poses more of a threat than Heartbleed due to the "enormous percentage" of software that it interacts with.

"We'll never be able to catalogue all the software out there that is vulnerable to the Bash bug," said Graham. "While the known systems (like your web-server) are patched, unknown systems remain unpatched.

"We see that with the Heartbleed bug: six months later, hundreds of thousands of systems remain vulnerable."

This article has been extracted from, please click on this link to read the article in full

Montash is a multi-award winning, global technology recruitment firm. Specialising in permanent and contract positions across mid-senior appointments which cover a wide range of industry sectors and IT functions, including:

ERP, BI & Data, Information Security, IT Architecture & Strategy, Energy Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.

With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid-management in permanent and contract roles.

comments powered by Disqus

Social Stream

Latest News


SAP announces partnership with STC

2016-10-25 10:00:00 +0100

One of the world’s leading providers of enterprise resource planning (ERP) solutions, SAP, has revealed that it is partnering with STC Advanced Solutions to offer both private and public sector organisations more empowerment. The two firms will be working alongside one another to provide cloud-based subscription services to firms of all sizes. This will help to deliver better information communication technology (ICT) across the Kingdom of Saudi Arabia....


Humans remain largest security flaw in cloud ...

2016-10-21 14:00:00 +0100

With a vast number of companies moving some, if not all, of their operations to the cloud, security continues to be of major concern. Whilst there are numerous patches and firewalls to safeguard defences, it has been highlighted that the most difficult area to protect against is human interaction. This is the view of Jamie Woodruff, a penetration tester and ethical hacker. Woodruff’s views come after he was contracted to conduct a penetration test in or...