Important Vulnerability on Advanced Custom Fields Plugin for WordPress

In today's digital landscape, server security is crucial for hosting providers. Cyber threats are rampant, demanding the safeguarding of infrastructure and maintaining trust. XetNET faced escalating cyber threats, overwhelmed IT and security teams, and the risk of reputation damage. Their goals were clear: robust protection, uncompromised performance, real-time monitoring, and seamless integration.

We designed a set of messages to report information about security threats that are dangerous for the server. Imunify uses cPanel contact manager to send notifications about those threats. We hope you will find them helpful. This feature can be managed through CLI. 

IMPORTANT: Upcoming Requirement for Configuration

In one month, a change will take effect for all users utilizing generic control panel integration.

The "[integration_scripts].panel_info" option, currently optional, will become mandatory. This requirement is exclusive to generic control panel users and does not apply to those on cPanel, Plesk, or DirectAdmin.

We ask you to prepare by populating this option with the appropriate script, as detailed in our documentation: Specifying Panel Information Documentation.

We’re pleased to announce the launch of a new Imunify360 feature called MyImunify, designed to help hosting companies generate revenue from their security services and give more flexibility with their hosting plans. 

Imunify360 researchers have recently found a wave of attacks exploiting a known vulnerability in Chamilo LMS (CVE-2023-34960) to escalate and execute arbitrary commands. Chamilo is an e-learning platform, also called Learning Management Systems (LMS), widely used by Universities and NGOs with a total of ~85k installations.

In the ever-evolving landscape of cybersecurity threats, no one is truly immune from the devastating consequences of a ransomware attack. Recent headlines have highlighted the unfortunate plight of Danish hosting firms CloudNordic and AzeroCloud. Their stories are a stark reminder that even the most vigilant organizations can fall prey to cybercriminals. In this article, we'll delve into the details of this attack, the lessons we can draw from it, and the importance of robust cybersecurity solutions like Imunify360 in safeguarding against such incidents.

сPanel is one of the most popular control panels on the web with a broad community and a large number of extensions. But as always, popularity has its price: every month Imunify web security analysts detect tens of thousands of specialized automated attacks on cPanel users’ accounts. The vast majority of such attacks are simple Brute-Force, however, there is always a portion of more sophisticated attempts like SQLi and others.

In the ever-changing world of web hosting, we're always on the lookout for ways to strike a balance between solid server security and helping hosting businesses grow. This challenge has led us to find innovative solutions that make things safer and open doors to new possibilities. Today, we're excited to introduce you to something revolutionary that enhances security and brings exciting growth opportunities.