Security Archives | HostStage

Category Archives: "Security"

CVE-2018-0886: Microsoft Security Update CredSSP affecting RDP Access
On the 8th of May, Microsoft finalized an update which started on March 13th by changing the authentication protocol of remote desktop sessions. They rolled out the final update by disabling the former CredSSP protocol since an exploit was discovered (CVE-2018-0886). The exploit allowed remote code execution on a remote system through the login details provided in a regular remote desktop session. A hacker could therefore gain access to the remote desktop data and programs, or even create/disable accounts. Since, yesterday the...

Google: HTTPS Swap is now Overdue
In 2014 Google made a statement on their Webmaster Central blog mentioning that Google would start to give a slight ranking boost to secured HTTPS websites using SSL relying on a 2048-bit key. In January 2017 Google mentioned on their Google Security Blog that they had introduced, with Chrome version 56, a "Not Secure" mention in the address bar for websites transmitting passwords or credit card information. While being announced in April 2017 in this official blog post, we...

Worldwide Ransomware Outbreak Using the NSA Toolkit
Yesterday a massive worldwide event took place, with a self-replicating ransomware worm attacking hundreds of thousands of computers. How did the ransomware spread? The ransomware WannaCry (aka WCry, WanaCryptor, WannaCrypt, Wanna Decryptor) was first seeded through a campaign of phishing emails and spread to government services (NHS, Russian Ministries...) and also many corporations (FedEx, Renault, Dacia, Nissan...) throughout different countries. After the initial mailing campaign, the ransomware was self-distributing by SMB network scan using shared...

Security Issue: Leak of 68 Million Dropbox Accounts
There is a current rumor of a leak of the account details of over 60 million Dropbox users. It is recommended to change your Dropbox password as soon as possible to be on the cautious side. We know how much online marketers love Dropbox, hence this post to inform about a critical situation. It remains a solid way to transfer files from your computer to your Windows VPS, for instance. Dropbox is currently asking users to reset their passwords following a...

Security Issue : WordPress Plugin All in One SEO Pack v2.3.6.1 exploit
All in One SEO Pack is a widely used plugin for setting the meta description, keywords and titles of WordPress posts. An XSS exploit has been discovered in the All in One SEO Pack plugin for version 2.3.6.1 and before. You can immediately check the version from the plugin page; the current version should be v2.3.8. The XSS has been discovered in the bad bot blocker feature and involves an exploit allowing to steal the administrator tokens...

Security Issue Exim : CVE-2016-1531 -> PATCHED!
On the 2nd of March an Exim vulnerability was discovered and announced, allowing any user to gain root privileges. This issue affects all its versions. Exim is the default mail transporter for all cPanel-based servers. cPanel has included an emergency update which was patched overnight. We did a manual update on all our critical infrastructure using cPanel (mainly our shared and reseller servers) a few hours after the security issue. You can check whether your server has been updated by...

Security Issue Adobe Type Manager : CVE-2015-2426 -> PATCHED!
A few days ago, the Hacking Team released a few unknown exploits that are affecting all systems. The security alert CVE-2015-2426 concerns all Windows versions and involves elevated privileges through the Adobe Type Manager library's DLL: atmfd.dll. The DLL provides support for OpenType fonts, and the exploit consists of a memory corruption that would give full and hidden access to the hacker. It is strongly recommended to perform the latest Windows updates available in your update...

Security Issue Glibc : CVE-2015-0235 -> PATCHED!
Hello, 48 hours ago a new security vulnerability was discovered affecting most Linux distributions running the GNU C Library. It is announced as very easy to exploit. You can find accurate details of the security threat quoted below: "A heap-based buffer overflow was found in __nss_hostname_digits_dots(), which is used by the gethostbyname() and gethostbyname2() glibc function call. A remote attacker could use this flaw to execute arbitrary code with the permissions of the user running the application." At HostStage,...

Security Issue bash : ShellShock CVE-2014-6271 and CVE-2014-7169 -> PATCHED!
A couple of days ago, 2 severe security threats were revealed, which were called ShellShock. The security issue concerns the bash package and affects all Red Hat-based OSes (including CentOS), Debian, Ubuntu and Fedora. At HostStage, we took the problem very seriously and we deployed updates throughout our whole network. All our servers were patched immediately and even updated twice, as a second injection vulnerability was discovered. Finally, we have also decided, given the criticality of the...

Linux VPS: Weak Password Hunt!
Hello, we are currently deploying an algorithm to detect weak passwords, which create a significant vulnerability for your VPS. If your password is considered too weak (included in the most famous brute-force dictionaries or not including a complex string), it will be changed automatically to a more secure one and we will email the concerned VPS owner. Over the last few months, we had a couple of hacked VPS which caused a serious inconvenience for their users. We are taking our responsibilities...
