Important Vulnerability on Advanced Custom Fields Plugin for WordPress

Every web hosting provider offers site management solutions so that customers can customize their domain settings and manage their sites independently. DirectAdmin is one of the most popular tools on the market, similar to Plesk (discover Plesk security best practices) and cPanel (learn more about cPanel security). After deployment, server administrators and site owners should review configurations and follow cybersecurity best practices to protect sites from exploits and safeguard sensitive data. Although this guide does not reduce risk by 100%, following it will improve your cybersecurity posture and stop many common threats that could harm hosted sites. In this article, you will learn about DirectAdmin and discover DirectAdmin security best practices:

Interserver.net is a US-based web hosting company focused on quality service at an affordable price. To ensure customer satisfaction and to continue their gold-star reputation, Interserver.net turned to Imunify360 to detect, block, and clean malware directed at shared hosted websites. After Interserver.net installed Imunify360, the web host saw a considerable decrease in hacked sites and the benefit of reducing technician overhead necessary to clean customer sites. Keep on reading to learn the full story and also discover the post from Interserver.net side here.

Reactive security is no longer practical to stop attackers and leaves your organization vulnerable to data exfiltration that can persist for months. It only takes a few minutes for an attacker to compromise and exfiltrate data, and afterward, your organization is left to perform clean-up.

If  you don’t proactively catch threat actors, they could go undetected for months on your network, exfiltrating data silently until you finally contain the threat. An advanced persistent threat (APT) could maintain a presence on your network even when you think it’s contained. Any threat that compromises your system causes monetary loss, potential brand damage, and future legal issues. A better way of cleaning up after a compromise is to put up a better defense and implement proactive security that catches, blocks, and contains threats before they damage your systems. Imunify360 team created an article based on Igor Seletskiy's speech, the CEO of CloudLinux Inc., "Proact, not overreact", keep on reading to learn more about proactive cyber security and watch Igor's speech in the end.

Web host administrators are aware that performance is important for customer satisfaction, but what they don’t know is that performance degradation can be directly related to malware and exploited vulnerabilities on the server. Advanced threats can be difficult to detect, but web hosts must rely on website owners with leased space on the server to stop them. Imunify360 has helped numerous web hosters detect, block, and remediate threats across the entire shared server.

As part of Imunify360’s proactive malware research activities, we recently identified that a plugin named Adicionar Banco Inter ao WooCommerce from WordPress repository, which can be used to identify malware in web servers, indeed had active malware inside one of the plugin’s source files.

In June, 2021, Imunify360 introduced a new version, v.5.8. In addition to that Imunify360 team devote themselves to creating different security guides and materials that could help both newbies and experienced users to take server security to the top with Imunify360. Read the posts below to stay tuned with the latest updates and security trends.

During the pandemic lockdowns, many businesses went from office work to an at-home workforce. Studies show that a huge uptick in cyber-attacks started in 2020 after pandemic lockdowns, which means that more attackers were scanning and searching for exploits on web servers. A web server with poor security controls, outdated software, misconfigurations, and overall lack of administration could be subject to numerous cyber-attacks and exploits. 

May 2021 was a busy month for the Imunify Security team. Another version of Imunify360 was released, version 5.7. In addition to that, the Imunify team took part in CloudTalk 2021 and skyrocketed it with Igor Seletskiy’s speech about Imunify360’ proactive approach to security. Keep on reading to learn more about new features, CloudTalk 2021 and cPanel security tips.

We want to provide Imunify360 users with powerful and comprehensive tool for events and incident analysis within the separate service, so they could:

Find the incidents by IP address, components, username, domain, etc. across multiple servers in the group.

• Find out which components of the Imunify360 have allowed or denied access and why.

To use the feature, simply log in your CLN account, navigate to the Imunify360 tab and open the "Events & Incidents lookup" page to search for IP-related incidents and events.

Igor Seletskiy, CEO of CloudLinux Inc., will be giving a speech about multi-layered security protection and the proactive approach of Imunity360 at CloudTalk Online 2021 in May 2021. The speech, scheduled for May 27th at 13:30 - 13:50 (UTC + 03:00), will discuss the many ways hackers exploit vulnerabilities to take over servers and the multi-layered approach administrators can take using Imunify360.