You’ll probably shortly be reading about a new piece of nastiness in security called Bashware:

https://blog.checkpoint.com/2017/09/11/beware-bashware-new-method-malware-bypass-security-solutions/

It is picking up a lot of chatter amongst the security and IT community, and we suspect it will soon be as widely spoken about as HeartBleed.

Criminals are exploiting the fact that Windows 10 now lets you run a Linux shell natively, and are writing their malware to run within this Linux shell in order to bypass pretty much every security system out there. It’s a category of malware called FUD, or Fully UnDetectable malware: as the name implies, it is virtually undetectable. Bashware has been designed to bypass the most common security products: anti-virus, inspection tools, debugging tools, and more.

What can you do?

As ever – make sure all your systems and software are up to date with the latest patches and updates.

Talk to your security providers – ensure they are in touch with Microsoft, and have the latest information available.

Alternatively, if you are worried, we can help you.

BroadBot from invinsec has been designed to inherently detect abnormal processes and behaviours and show these on the BroadBot dashboard. We have already been detecting the “impossible to detect” attack.

BroadBot can detect, respond to and contain threats to your business. It can work standalone or sit on top of your security stack, bringing all your security info together into one dynamic feed. It is cloud based, infinitely scalable and flexible, and can (following change management controls) be deployed in minutes.

Talk to us today: info@invinsec.com
