MDS - AN INTELLIGENT MALWARE DATABASE SCANNER FOR WEBSITES

March monthly digest gives an overview of version and package updates and the latest security vulnerabilities detected by the Imunify Security team. Read the posts below to learn all and beyond brute force attacks and how Imunify360 could mitigate them.

Brute-force attacks are the most widely used cyber-attacks in the cyber-sphere. And dependent on the target, the protection method is unique to the attack. There are two main types of brute-force attacks:

• Service level brute-force, targeting ssh, ftp, smtp services and others.
• Web application level brute-force, e.g. attacks against WordPress, Magento, and similar CMSes and web-scripts.

In February 2021, Imunify introduced a new version of Imunify360, version 5.5. Keep on reading to learn more about new releases and packages updates. Also, we recommend checking our new articles covering website and server security.

For website owners unfamiliar with common malware, having malware on your site that doesn’t  cause any obvious issues is seemingly harmless to the site owner. How bad can malware be if it just injects links? If site owners do not understand the repercussions of malware, then they will not take it seriously. It often means that these site owners don’t have the necessary monitoring and malware protection in place to defend sites. For shared hosting providers, this issue can have severe consequences and long-term effects on the server’s reputation and potential profitability.

In 2020, approximately one million websites hosted on WordPress were actively targeted by cyber-criminals. Large-scale campaigns are common and your server could easily be compromised without you noticing it. Even when malware is silent and undetectable, it can cause long-term side effects that damage your business reputation, customer retention, revenue, and lead generation from search engines. It’s imperative to business continuity that you detect attacks, mitigate ongoing attacks, and remediate them quickly after they are found.

Despite the fact that the festive season already starts in December, this month was busy for the Imunify Security team. Keep on reading to find out more about the latest package updates and some tips on how to stay secure. Stay safe and hopefully 2021 will bring you a lot of joy and pleasant moments!

 

One of the easiest ways to attack a web site is to gain entry through a content management system, such as WordPress. To do this, hackers try to force a login to a site’s WordPress installation using frequently used passwords. These sorts of attacks are known as brute-force attacks. 

 

 

Recently, we got a few support requests related to the usage of Imunify360 with Cloudflare. We’d like to explain the root cause and provide you with a workaround.

The issue was looking like an inability to pass the Captcha causing an endless loop. Further investigation revealed an issue caused by custom cache settings in the Cloudflare control panel.