<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">
Tag: security

Imunify Security - Monthly Digest December 2020

digest_30_days

Despite the fact that the festive season already starts in December, this month was busy for the Imunify Security team. Keep on reading to find out more about the latest package updates and some tips on how to stay secure. Stay safe and hopefully 2021 will bring you a lot of joy and pleasant moments!

A post-hack survival guide: cleaning your website after being hacked

b2ap3_large_survival-guide

Very often, web hosting administrators start to take security measures only after a website has been hacked. So, let us imagine the situation when ImunifyAV has been installed on such an infected server. All malware has been cleaned in one click, and all malicious activity has been stopped.

A Critical Security Issue: The SaltStack Salt Authorization Bypass

critical-saltstack

 

This week, the Imunify360 security team was informed of a new kind of attack, one that our customers told us caused these problems:

  • Inoperable firewall
  • High CPU resource consumption
  • Log entries such as: im360.plugins.client360: Cannot connect the Server (imunify360.cloudlinux.com) [[Errno -2] Name or service not known]

When we investigated, we saw that these issues were caused by a SaltStack authorization bypass vulnerability (CVE References: CVE-2020-11651, CVE-2020-11652). This vulnerability enables remote command execution as root, on both the master and all minions that connect to it. It affects SaltStack Salt before 2019.2.4, and 3000 before 3000.2.

An Analysis of WordPress Malware

wordpress-malware (1)
When it comes to building and managing professional-quality web sites, content management systems have become the default way to do that. WordPress is by far the most popular CMS: it’s used to build and manage around six out of every 10 sites.

The popularity of WordPress makes it a prime target for hackers. In one of our regular investigations, we recently encountered a particular strain of malware that targeted it. Here’s an analysis of that malware that we’d like to pass on to sysadmins.

How to stop doorway pages damaging your domain's reputation

doorway pages seo Imunify360

Doorway pages are a great way to improve a website’s SEO ranking.


They’re also a great way to get your domain blocked by major search engines.

So why are they still prevalent? How do they work, and why should you care if your web server hosts them?

That’s what I’ll cover in this article.

Host your website safely and avoid website cross-contamination issues

cross-contamination

This article discusses the hidden pitfalls of hosting multiple websites on one hosting account, and how you can remediate the consequences of website cross-contamination.

Why do small sites get hacked?

Why-do-small-sites-get-hacked

If you think your site won't be hacked because it's too small to matter, think again. I'll show why that is a false and dangerous assumption.

Many site owners and webmasters think that hackers only care about popular, highly-ranked websites. They are wrong.

High traffic volume helps boost earnings on partner programs by redirecting visitors to other sites, gets more views of unauthorized advertisements and attracts more clicks on rogue links. But that is not the only way hackers make money.

Unprotected sites with low traffic volume are equally attractive to hackers. It is the way they are used that differs from how hackers monetize more popular websites. Any normal site, with an audience of as little as 30 visitors a day, can still be threatened by hacking and infection. 

Subscribe to Imunify security Newsletter