Tag: antivirus

Blocking Web Spam With ModSec Rules

Web spam, phishing links, commercial comments, and other unwelcome additions to web pages are a big headache for many webmasters and blog owners. It seems to flow unceasingly to site users, and countermeasures such as comment approval, registration confirmation, and CAPTCHAs are inconvenient for admins and users alike.

Imunify360 Live Webinar, Friday 29 May: New Features and Updates

At 11am EST on Friday 29 May, we’ll be conducting a live webinar on the new features and updates of Imunify360. Sign up and join the conversation on what’s new with our automated server protection suite.

The webinar recording is now available. You can watch it here.

Analyzing A New WordPress Malware Campaign

Web sites running WordPress are like catnip for hackers. Among the millions of WordPress users are many with weak login credentials, which are exploited to launch malware campaigns. 

Many such campaigns have been launched recently, and we at Imunify360 have discovered another one. We first detected it on 13 April, and since then we’ve seen it blocked by Imunify over 300,000 times. In the past month, this campaign has compromised thousands of unprotected WordPress-based web sites. 

Let’s analyze this new WordPress malware campaign to see what makes it dangerous to web sites running WordPress. Additionally, check our WordPress Security Ultimate Guide for 2021 to learn more about WordPress Security.

A Critical Security Issue: The SaltStack Salt Authorization Bypass

This week, the Imunify360 security team was informed of a new kind of attack, one that our customers told us caused these problems:

  • Inoperable firewall
  • High CPU resource consumption
  • Log entries such as: im360.plugins.client360: Cannot connect the Server (imunify360.cloudlinux.com) [[Errno -2] Name or service not known]

When we investigated, we saw that these issues were caused by a SaltStack authorization bypass vulnerability (CVE-2020-11651, CVE-2020-11652). This vulnerability enables remote command execution as root on both the master and all minions that connect to it. It affects SaltStack Salt before 2019.2.4, and 3000 before 3000.2.

Enabling Real-Time Scanning In Imunify360

If you’re running Imunify360 on your servers, you should enable real-time scanning. Why and how should you do that? Find out below. 

Imunify360 Heuristics: Improving Threat Detection

Imunify360 has six core components: Web Application Firewall, Linux Malware Scanner, Proactive Defense, IDS/IPS, WebShield, and Cloud-Based Security. The last component, Cloud-Based Security, runs according to what we call heuristics. 

In Imunify360, heuristics are a set of rules based on information coming in from thousands of Imunify-protected servers all over the world. These servers send threat information to the Imunify cloud server, where it’s automatically processed by dozens of scripts. It’s also manually processed by our Analytics team. 

Imunify360 Live Webinar, Friday 3 April: New Features and Updates

At 11am EST on Friday 3 April, we’ll be conducting a live webinar on the new features and updates of Imunify360. Sign up and join the conversation on what’s new with our automated server protection suite.

The recording of the webinar is available here.

Malware Cleanup In Imunify

If you’re using Imunify360 on your servers, you’ve got a powerful system for cleaning up malware that’s also safe. If you use the recommended default settings, the sites you host will stay up and running. 

Your backups will be easy and reliable as well. That’s because Imunify360 is integrated with popular backup services, and makes sure that all of your backup files are malware-free. Let’s examine Imunify360’s Linux malware scanner and malware cleanup capabilities in detail. In addition, Imunify360 prepared an article about 360 clean up in Imunify Security Suite covering how to remove malicious code.

Malware Scanner: A New Way To Neutralize Infected Files

Some Imunify360 customers don’t use the Auto Cleanup option because they’re afraid that it will break client web sites. They’re afraid that if a WordPress index.php file gets infected, for instance, the file will be blocked by Malware Scanner for Linux servers, and the web site will go down.

These fears are unfounded. Malware Scanner removes malicious code that’s been injected into a file, while leaving the rest of the file intact. It also removes malicious files that have been included into other files. Enabling Auto Cleanup is completely safe and effective.

Imunify360 4.6 released