How to prevent a “security embarrassment?”

On Oct 7, 2014, a security researcher, Jonathan Hall, posted details of a potential Bash/Shellshock vulnerability on Yahoo’s infrastructure: http://www.futuresouth.us/yahoo_hacked.html https://www.reddit.com/r/technology/comments/2ifbjb/yahoo_got_hacked_this_morning_hooray_for/ As it turned out, it was NOT a Bach/Shellshock issue. As Alex Stamos, Yahoo’s chief information security officer wrote, “it turns out that the servers were in fact not affected by Shellshock.” (see https://news.ycombinator.com/item?id=8418809). Read More