What if we told you that ~15% of infection sources are database infections? If you have ever tried to clean up malicious injections (usually, thousands of them) from the database table, you know how much time and pain it would take. There's a lack of professional solutions to detect and clean up malware in the database automatically. We want to save your time and provide you with another top-notch solution to detect threats in the databases (in addition to our trailblazing Imunify file scanner). We call the solution “Malware Database Scanner” (MDS).
Despite the fact that the festive season already starts in December, this month was busy for the Imunify Security team. Keep on reading to find out more about the latest package updates and some tips on how to stay secure. Stay safe and hopefully 2021 will bring you a lot of joy and pleasant moments!
A hacker might not cause any noticeable damage when infiltrating your web server. You may not notice any change in performance or any loss of data.
But that doesn't mean everything is okay. A popular use of a compromised server is to distribute malware.
Malware is malicious software. It gets embedded into your website's pages and can infect any visitors to those sites.
Hackers do this by injecting malicious code into a database or into web page templates. Visitors get redirected to malicious sites, or inadvertently download trojans.
One of the easiest ways to attack a web site is to gain entry through a content management system, such as WordPress. To do this, hackers try to force a login to a site’s WordPress installation using frequently used passwords. These sorts of attacks are known as brute-force attacks.
Here we announced the issue related to WebShield in Imunify360. As a quick-fix measure, we disabled WebShield remotely for the customers.
Recently, we’ve noticed an issue related to WebShield in Imunify360. You can recognize it as an infinite loading of the page for a website using Cloudflare. A few customers with more than 75K greylisted IPs might be affected.
Very often, web hosting administrators start to take security measures only after a website has been hacked. So, let us imagine the situation when ImunifyAV has been installed on such an infected server. All malware has been cleaned in one click, and all malicious activity has been stopped.
The new week started with a new campaign trying to widely use the Arbitrary File Upload vulnerability in the Simple File List plugin for WordPress.
Recently, we got a few support requests related to the usage of Imunify360 with Cloudflare. We’d like to explain the root cause and provide you with a workaround.
The issue was looking like an inability to pass the Captcha causing an endless loop. Further investigation revealed an issue caused by custom cache settings in the Cloudflare control panel.