Clever and “Shellshock”
Clever’s Response to the “Shellshock” Security Issue
Recently, a critical security issue was discovered and disclosed to the larger community. This issue, nicknamed Shellshock, could have allowed an attacker to take control of certain systems using specially crafted HTTP requests. The vulnerability came from a flaw in Bash, a tool used by the majority of Internet web servers, including some of Clever’s machines.
Even though we had no reason to believe that any of our services were directly vulnerable, we immediately took action on Wednesday, September 24th to completely secure all of our systems. Our developers worked around the clock to apply fixes as soon as they became available, typically within an hour of release.
We have investigated our systems for evidence of any attempts to exploit this vulnerability and found no such evidence. We will continue watching “Shellshock” closely, and continue to scan for malicious attempts to access Clever’s systems.
If you’d like more general information about “Shellshock”, please read more on the Clever engineering blog.
More to read
August 9, 2024
Welcoming Texas-based Dominic Via as Clever’s VP of SalesLearn about the major challenges Dominic Via is seeing for K-12 leaders, the latest successes in Texas schools, and upcoming trends that will impact school districts this year.
June 21, 2024
New survey from Clever finds technology integration as a top classroom challenge for teachersClever’s latest surveys find opportunities to make Learning Management Systems and edtech applications work better together. SAN FRANCISCO, June 21, 2024 /PRNewswire/ — Clever, the platform providing secure, seamless access to learning applications for 100,000 schools worldwide, released findings on the impact of data incompatibility on classroom learning and teacher experience. In internal surveys conducted from October 2023 through April 2024, […]
February 29, 2024
Clever is Secure by Design: Roadmap for 2024Read Clever’s detailed Secure by Design product roadmap – a critical aspect of fulfilling the Secure by Design Pledge. In August 2023, I had the privilege of joining the Back to School Safely Cybersecurity event hosted by First Lady Dr. Jill Biden at the White House. In partnership with the U.S. Cybersecurity and Infrastructure Security […]