On September 24, a security researcher disclosed a vulnerability in bash, also referred to as CVE-2014-6271 or Shellshock. Bash is widely used, and the vulnerability is not a Barracuda-specific issue but rather one that impacts any system that uses bash. This vulnerability allows hackers to easily insert malicious code into web servers and other hosts to carry out attacks and steal data.
Once the vulnerability became public, our security team immediately developed security definitions that were rolled out to all Barracuda customers through our automated Energize Updates from Barracuda Central. The vulnerability has been mitigated for all appliances with an active Energize Updates subscription on the current hardware platform. You can read about those updates here.
As the rate of security attacks continues to increase in both sophistication and frequency, our customers can be assured that Barracuda provides quick resolution to threats as they appear. As always, we recommend that customers enable automatic attack definition updates, particularly in the event of such a widespread attack, and keep their systems up to date with the latest firmware releases.
The Barracuda Web Application Firewall provides customers with protection from this attack against the servers behind it, even while their instances of bash remain unpatched.
The Barracuda Web Application Firewall protects thousands of production applications – having stopped more than 11 billion attacks since 2008.
At its core, an application firewall protects against these types of attacks before there is a known vulnerability because it is designed to secure protocol elements, such as URIs, cookies, parameters and headers in general. In this particular instance, the Barracuda Web Application Firewall header inspection capabilities are at the base of providing the underlying protections against Shellshock.
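The kind of inspection described above can be sketched as follows. This is an added example, not Barracuda's code or attack definitions: it checks headers, cookies and query parameters for the `() {` function-definition prefix that bash mishandles in CVE-2014-6271. The function names and sample requests are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# bash treats an environment value as a function definition only when it
# begins with "() {", so the match is anchored at the start of each value.
SIGNATURE = re.compile(r"^\s*\(\s*\)\s*\{")

def _flagged(value):
    """True if the value, URL-decoded up to twice, starts with the signature."""
    for _ in range(2):
        value = unquote(value)
    return bool(SIGNATURE.match(value))

def inspect_request(uri, headers):
    """Return the request elements (as 'kind:name') that carry the signature."""
    hits = []
    query = urlsplit(uri).query
    if _flagged(query):
        hits.append("uri:query")
    for name, value in parse_qsl(query, keep_blank_values=True):
        if _flagged(value):
            hits.append("param:" + name)
    for name, value in headers.items():
        if _flagged(value):
            hits.append("header:" + name)
        if name.lower() == "cookie":
            # Each cookie value is inspected on its own, not just the header.
            for part in value.split(";"):
                cname, _, cvalue = part.strip().partition("=")
                if _flagged(cvalue):
                    hits.append("cookie:" + cname)
    return hits

# Constructed sample requests (not captured traffic).
SAMPLES = [
    ("/cgi-bin/status", {"User-Agent": "Mozilla/5.0", "Cookie": "sid=abc123"}),
    ("/cgi-bin/status", {"User-Agent": "() { :; }; constructed-sample"}),
    ("/cgi-bin/search?q=%28%29%20%7B%20%3A%3B%20%7D%3B", {"Accept": "*/*"}),
    ("/cgi-bin/status", {"Cookie": "theme=dark; sid=%2528%2529%2520%257B"}),
    ("/app?callback=function()%20%7B%20return%201%3B%20%7D", {"Accept": "*/*"}),
]

if __name__ == "__main__":
    for uri, headers in SAMPLES:
        print(uri, inspect_request(uri, headers) or "clean")
```

The last sample shows why the match is anchored: a JavaScript callback containing `() {` mid-value is not flagged, while single- and double-encoded forms of the prefix are.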
In addition, the architectural advantage of insulating backend servers with a central security management point also provides an easy way to mitigate security issues for all backend servers simultaneously. This was true, for example, in the case of the recent Heartbleed vulnerability, where updating the SSL stack of the Barracuda Web Application Firewall mitigated vulnerabilities even when backend servers had not yet been updated.
The underlying protocol inspection combined with the centralized nature of security management makes the Barracuda Web Application Firewall an ideal solution for organizations looking to add a strong layer of security and protect web applications from data breaches and defacement. With the Barracuda Web Application Firewall, administrators do not need to wait for clean code or even know how an application works to secure their applications. To view the outlined steps to make sure you have the latest attack definition update, click here.
The Barracuda Web Application Firewall is available as a hardware or virtual appliance, and can be deployed either on-premises or in the public cloud through providers like Amazon Web Services and Microsoft Azure. It’s received a number of industry accolades and positive reviews:
- “5-Star Review” Product Evaluation – SC Magazine: http://www.scmagazine.com/barracuda-web-application-firewall-model-660/review/4039/
- Best Web Application Firewall – 2014 SC Magazine Awards: http://www.scmagazine.com/2014-sc-awards-us-winners/article/334892/
- Best Web Application Security & Best Cloud Web Application Security – 2014 Infosecurity Products Guide Awards: http://www.infosecurityproductsguide.com/world/
- Best Web Application Security – 2014 Information Management Awards: http://www.networksasia.net/IMA2014/winners2014.php
If you’re looking for additional information on the bash vulnerability and how to mitigate this risk, join us later today for a complimentary webinar:
Tech Alert: Protect your Organization from Bash (Shellshock) Vulnerabilities
September 26, at 10am PDT
For a risk-free 30-day evaluation of the Barracuda Web Application Firewall, click here.