<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">
Tag: imunify-security-notifications

Information about a recent security incident

notificationDear Imunify customers,

From massive infection to zero impact

notification-malware-3-1

Infection description

Starting on Jun 29, we detected a malicious campaign that uses Crontab in a chained infection flow. A closer look reveals a common pattern attackers use in order to inject a backdoor to a vulnerable host.

It starts from logging in with previously stolen credentials to the cPanel service. After that, the attacker makes an attempt to upload a backdoor directly to the public directory. And the final step is to set up a CronJob task, containing obfuscated malware, scheduled to trigger every at regular intervals.

How to Manage Imunify Security Notifications

notifications

We designed a set of messages to report information about security threats that are dangerous for the server. Imunify uses cPanel contact manager to send notifications about those threats. We hope you will find them helpful. This feature can be managed through CLI. 

Subscribe to Imunify security Newsletter