Yahoo CISO Alex Stamos refuted claims made by a Louisiana security company that a number of Yahoo servers had been compromised by Romanian hackers using Shellshock exploits against the vulnerability in Bash.
Stamos said three Yahoo Sports API servers were infected with malware by hackers looking for webservers vulnerable to the Shellshock vulnerability, but the exploits were not related to Shellshock. Those servers, which provide live game streaming, do not store user data and were isolated upon discovery of malware, Stamos said.
http://threatpost.com/yahoo-confirms-infected-servers-unrelated-to-shellshock/108726
Leave a Reply