<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">
Tag: imunify-security-notifications

Hash-Based Ignore Lists: New Feature in Imunify360

Hash-Based Ignore Lists: New Feature in Imunify360

We're excited to announce a significant enhancement to Imunify360's capabilities - management of ignore lists based on file hashes. This feature is designed to streamline security management across large server deployments.

For large organizations looking to maintain consistency and avoid the hassle of managing different ignore lists across their server fleet, this centralized solution is the perfect fit.

How to Manage Imunify Security Notifications

IM_securitynotifications

We designed a set of messages to report information about security threats that are dangerous for the server. Imunify uses cPanel contact manager to send notifications about those threats. We hope you will find them helpful. This feature can be managed through CLI. 

Important Notice: Yandex Bot Crawling Issue Affecting Your Website's Visibility

yandex bot crawling

Dear customers,

We've identified a concern with Yandex bot crawling that may impact your website's visibility. Our investigation shows that, besides legitimate Yandex bots, some traffic from these IP addresses may be malicious.

 

While we're collaborating with Yandex's support team for a solution, here are some interim measures:


Information about a recent security incident

recent security incidentDear Imunify customers,
We would like to inform you about a recent security incident that may have affected the analytical data collected from your servers by the Imunify product (e.g., attacker IP addresses, captcha events, etc.). Your privacy and information security are our top priorities, and we deeply regret any inconvenience this may cause.

From massive infection to zero impact

From massive infection to zero impact

Infection description

Starting on Jun 29, we detected a malicious campaign that uses Crontab in a chained infection flow. A closer look reveals a common pattern attackers use in order to inject a backdoor to a vulnerable host.

It starts from logging in with previously stolen credentials to the cPanel service. After that, the attacker makes an attempt to upload a backdoor directly to the public directory. And the final step is to set up a CronJob task, containing obfuscated malware, scheduled to trigger every at regular intervals.

Subscribe to Imunify security Newsletter