Category: Security

Learn quick and accurate information regarding IT security that may concern your server or account. Liquid Web takes security very seriously and works to ensure you are kept in the loop regarding security updates and information. Past security information is maintained should it be needed in the future.

Reading Time: 7 minutes

You may not think much about it, but your emails go through many gateways to make it to your contact. The same goes for anyone sending messages to you. The process is called Email Authentication, and it’s crucial for all email domains. You and your business do many things to protect your privacy, but cyber threats can come from anywhere, even in your inbox. Knowing how to optimally authenticate email in your various systems is essential.

Continue reading →
Reading Time: 6 minutes

Since ancient times, people have used passwords, which are almost ubiquitous in our personal and professional lives. Though people were expected to remember their passwords as a best practice, it is practically impossible to remember hundreds of complex passwords. Therefore, people created passwords that were easy to remember and reuse across numerous accounts. However, repeated use of the same weak passwords causes data breaches and security issues.

Continue reading →
Reading Time: 4 minutes

Introduction

Microsoft Exchange Security Update
   

In this article, we provide updated information concerning the ongoing threat posed by the malware directed at Microsoft Exchange Servers noted in CVE-2021-26855. We also furnish the steps needed to update and secure your Microsoft Exchange Server. In a recent post, the Cybersecurity & Infrastructure Security Agency posted a priority security advisory regarding the recent Microsoft Exchange Server vulnerability. They state:

Continue reading →
Reading Time: 3 minutes

A new vulnerability in PHP-FPM has been noted which could lead to remote code execution on nginx. An earlier message on Twitter exposed the CVE-2019-11043 bug:

Continue reading →

WordPress Exploit – AMP Plugin

Posted on by Echo Diaz | Updated:
Reading Time: 3 minutes

AMP for WP -Accelerated Mobile Pages allows your site to be faster for mobile visitors. Along with last week’s report, the AMP plugin has also been added to the list exploited. The AMP for WP plugin was reported on October 20, 2018, by its developers. Luckily, the newest version, 0.9.97.20, of this plugin has patched for their known security flaws. This exploit has the means of putting 100,000+ users at potential risk, so its best to check if you are utilizing this plugin. In this tutorial, we will be checking if you use this plugin. Along with updating, we will also show you how to check if your site for compromises.

Continue reading →
Reading Time: 2 minutes

There is a new exploit, rated as 7.8 severity level,  that affects major Linux distributions of RedHat Enterprise Linux, Debian 8 and CentOS on both VPS servers as well as dedicated servers, called Mutagen Astronomy. Mutagen Astronomy exploits an integer overflow vulnerability in the Linux kernel and supplies root access (admin privileges) to unauthorized users on the intended server. This exploit affects Linux kernel version dating back from July 2007 to July 2017.  Living in the kernel, the memory table can be manipulated to overflow using the create_tables_elf() function. After overwhelming the server, the hacker can then overtake the server with its malicious intents.

Continue reading →

Protecting Against CVE-2016-3714 (ImageMagick)

Posted on by dpepper | Updated:
Reading Time: < 1 minute

Overview

A security vulnerability has been discovered in the ImageMagick software suite that can potentially allow remote code execution.

Continue reading →

How To Protect Your cPanel Server Against CVE-2016-1531

Posted on by dpepper | Updated:
Reading Time: 2 minutes

Overview

On March 2, Exim announced via its mailing list that it had discovered a vulnerability in all versions of its mail transport agent. Exim is the default MTA on cPanel servers. The latest version patches the vulnerability, and the latest cPanel update resolves the issue.

Continue reading →
Reading Time: 2 minutes

Overview

A new flaw has been found in the Secure Sockets Layer version 2.0 (SSLv2) protocol. An attacker could theoretically exploit this vulnerability to bypass RSA encryption, even when connecting via a newer protocol version, if the server also supports the older SSLv2 standard.

Continue reading →

Protecting Against CVE-2015-7547

Posted on by dpepper | Updated:
Category: Security | Tags: CVE-2015-7547
Reading Time: 3 minutes

The Google Security Team and Red Hat have discovered a flaw in the way that certain types of DNS lookups are handled on some Linux servers. By exploiting this critical vulnerability, an attacker could gain full control over the system.

Continue reading →
← Older posts
Have Some Questions?

Our Sales and Support teams are available 24 hours by phone or e-mail to assist.

1.800.580.4985
1.517.322.0434