One of the world’s longest-lived malware networks, the EITest network, is now offline. But the infection is still active and can affect servers running malicious and vulnerable code.
When the EITest infrastructure was discovered in 2011, it was not foreseen that cyber criminals would start using it as a TDS botnet. Today, we’ll see what the EITest infection is, and how your server can be affected by it. (more…)
Getting listed in a spam blacklist is a dreadful experience for server owners. Users end up facing email delivery failures and bounces, which can damage your business reputation.
As a security measure, mail from blacklisted IPs is rejected by most mail servers. So, if you want uninterrupted mail services, you’ll need to stay clear of blacklists.
Web hosts lose thousands of dollars to server attacks. Data loss and downtime badly affect hosting credibility. Securing web servers from attacks is crucial for business success.
In our role as outsourced hosting support specialists for web hosts, ensuring foolproof server security is a major part of how we protect servers from hacks. (more…)
WannaCry ransomware is all over the news now, causing the internet world to shake in doubt and fear. With over 200,000 computers in 150 countries being affected, the damage is really widespread.
For businesses and servers that are affected by this malware, the impact of this attack is huge and can lead to loss of business. As a result, it is important to secure your servers to ensure their normal functioning. (more…)
Security is one of the major concerns we tackle in our Outsourced hosting Support for web hosting companies. Server compromises can lead to financial loss and affect the business credibility.
With our expertise managing hundreds of cPanel servers for web hosts, we have been able to identify and address all the security loopholes that can occur in a cPanel server. (more…)
Over 80% of websites on the internet are vulnerable to hacks and attacks. In our role as hosting support engineers for web hosts, we perform periodic security scans and updates on servers to protect them from hacks.
A recent bug that affects servers is the SWEET32 vulnerability. Because it exploits the weak cipher ‘3DES-CBC’ in TLS encryption, this bug has caused many server owners to panic about their data security.
If you see that your website is failing security scans with this message, that means your server is vulnerable to SWEET32 attacks.
“SSL/TLS server supports short block sizes (SWEET32 attack)”
Amazon claims to have a system to white-list all their IP addresses at Spamhaus regularly. But we still see Amazon EC2 users reporting mail issues due to IP blacklists by Spamhaus.
IP blacklisting occurs when your mail server gets compromised by malware or open vulnerabilities. Attackers can hijack your mail server and send spam mails from it. (more…)
On March 1, 2016, a new SSL vulnerability called DROWN (Decrypting RSA with Obsolete and Weakened Encryption) was disclosed by security researchers.
This vulnerability (aka CVE-2016-0800) allows attackers to decrypt even strong TLSv1.2 connections, if the server supports the obsolete SSLv2 protocol.
CryptoPHP is a well-developed backdoor malware that is spread through themes for popular CMSs like WordPress, Joomla and Drupal. It runs a bot on your server, and gives remote control to the attacker controlling the botnet. The attacker can then use your server for a slew of malicious activity like spamming, DDoS, blackhat SEO, etc. This could lead to your web servers being blacklisted by DNSBLs / RBLs, and thereby to loss of service reputation.
The threat was first published over 10 days ago, but we see web servers still getting affected by this malware. Engineers at our Proactive Server Management Service mitigated this threat early on using multiple layers of protection. Here we go over the basics of detecting and mitigating this threat. (more…)
[UPDATE 1st Oct] – More vulnerabilities were reported since this post was originally written on Sep 26th. See the notes at the bottom.
A highly critical Bash code injection vulnerability, CVE-2014-6217, was declared on 24th Sep, and a patch is now available for all popular Linux web hosting servers such as CentOS, RedHat, Fedora, CloudLinux, Ubuntu, Debian and openSUSE.
If you have a Linux web hosting server, it has Bash, and if you haven’t expressly patched it, assume that your server is vulnerable to hacks. Linux web hosting servers typically have CGI modules enabled, and these could allow commands to be passed on to Bash, thus opening the gates to hackers. (more…)