DRAW USERS
22% FASTER
WITH
IMUNIFY360
THE MAGNET
FOR ACCELERATED GROWTH
prevContact Us
- +1 (800) 231-7307
- sales@imunify360.com
-
.png)
At 11am EST on Friday 29 May, we’ll be conducting a live webinar on the new features and updates of Imunify360. Sign up and join the conversation on what’s new with our automated server protection suite.
The webinar recording is now available. You could watch it here.
Web sites running WordPress are like catnip for hackers. Among the millions of WordPress users are many with weak login credentials, which are exploited to launch malware campaigns.
Many such campaigns have been launched recently, and we at Imunify360 have discovered another one. We first detected it on 13 April, and since then we’ve seen it blocked by Imunify over 300,000 times. In the past month, this campaign has compromised thousands of unprotected WordPress-based web sites.
Let’s analyze this new WordPress malware campaign to see what makes it dangerous to web sites running WordPress. Additionally, check our WordPress Security Ultimate Guide for 2021 to learn more about WordPress Security.
We’d like to share with you what our Operations Team saw, so you know more about how malicious plugins work, and how you can avoid them. Additionally, read our website hosting security article and learn how to keep your website secure in 2021.
This week, the Imunify360 security team was informed of a new kind of attack, one that our customers told us caused these problems:
When we investigated, we saw that these issues were caused by a SaltStack authorization bypass vulnerability (CVE References: CVE-2020-11651, CVE-2020-11652). This vulnerability enables remote command execution as root, on both the master and all minions that connect to it. It affects SaltStack Salt before 2019.2.4, and 3000 before 3000.2.
.png?width=115&height=115&name=pci-dss%20(1).png "pci-dss")
