One of the world’s longest lived malware networks, Eitest network is offline now. But the infection is still active and can affect servers running malicious and vulnerable code.
When the EITest infrastructure was discovered in 2011, it was not foreseen that cyber criminals would start using it as a TDS botnet. Today, we’ll see what is Eitest infection, and how your server can get affected by it. (more…)
Google blacklists up to 6,000 websites EVERY DAY for serving malware. Almost all of these sites are classified as “compromised sites”, which means it was infected with malware without the knowledge of the site owner.
A malware infection could lead to loss in SEO ranking, and business reputation. Building back the site traffic could take weeks, if not months.
SSL certificates are costly. Or, used to be.
Now, website owners have a free, totally reliable option to setup HTTPS for their websites : Let’s Encrypt
Let’s Encrypt is a Certificate Authority that provides valid SSL certificates for free.
The downside is that, it can be a bit hard to setup – especially if you’re new to command lines.
Every day, cyber criminals use malicious bots extensively to infect websites, send spam, and take down websites with DDoS – all for money.
As a server administration company, we often act as the 911 Emergency Rescue for websites under bot attacks.
WordPress powers 19% of the web, and 48 of the top 100 blog sites online. With a strong community of users and developers, the WordPress platform is evolving day by day, with more features and Add-ons.
This, in turn, poses some threats as well. Vulnerabilities and hacks can end up disrupting the website functioning. There have been many instances where a blog owner lost complete access to his site. (more…)
Outgoing spam is a major head ache for many web hosts. Spammers use compromised websites or mail accounts to send thousands of spam mail within a few mins.
By the time the web host comes to know about it, the server IP would be blacklisted (eg. SpamHaus SBL), and legitimate mails would be bouncing left and right. (more…)
“Can you manage my server? I want it to be fast and secure.”
This is a typical request we receive at our Server Management Services. While many customers are happy to have a professional company take care of their servers, some have asked us what exactly is it that we do to make their servers stable.
On Dec 6th, a Command Execution Vulnerability was disclosed in the open source webmail software called RoundCube. Using this vulnerability, an attacker can easily execute arbitrary system commands, which could be used to inject malware or take control of the server.
If your website runs on WordPress v4.5.3 website, attackers can now bring down your site through a Denial of Service attack. This is possible through two vulnerabilities that were disclosed on 22nd Aug:
- CVE-2016-6897 – This is a Cross Site Request Forgery vulnerability by which an attacker can take over an authenticated user’s session (privilege escalation) using a forged HTML page.
- CVE-2016-6896 – This is a Directory Traversal vulnerability which can be used by an attacker to crash the web server.
If you have a website, chances are that it’s running on a Linux server. And the latest news is that, Linux servers with kernel versions 3.6 to 4.6 are vulnerable to malware injection attacks.
This was demonstrated on Aug 10th, when security researchers injected phishing content “on the fly” on USA Today website.
The good news is, you can protect your servers. Today, we’ll see how. (more…)