At ResellerClub, we’re always looking out for ways to better your reseller experience with us on the service and security front. We’d like to draw your attention to new security vulnerabilities identified in two popular scripts - WordPress & Magneto. Please note that these issues are script-based and are not specific to the ResellerClub platform in any way. Read on to know more about these vulnerabilities, assess whether you could be impacted and take preventive action.
Alternatively the attacker could change the administrator’s password, create new administrator accounts, or do whatever else the currently logged-in administrator can do on the target system. You can find more details about the impact and solution for the same by clicking here.
Steps you need to take: We would request you to go through the recommendations and update your Wordpress website using the patch available here.
This is a vulnerability that has been recently reported too. The vulnerability is actually comprised of a chain of several vulnerabilities that ultimately allow an unauthenticated attacker to execute PHP code on the web server. Impact: The attacker can bypass all security mechanisms and gains control of the store and its complete database, allowing credit card theft or any other administrative access into the system. This attack is not limited to any particular plugin or theme. All the vulnerabilities are present in the Magento core, and affects any default installation of both Community and Enterprise Editions.
Steps you need to take: If you are using the mentioned vulnerable versions of Magento, we would request you to patch it using the updates provided in the following link : http://blog.checkpoint.com/2015/04/20/analyzing-magento-vulnerability/.
You can test whether your Magento website is vulnerability or not, using this tool.
We strongly recommend you access all your packages and patch them immediately to avoid any issues. In case you require any information regarding this email, please feel free to get in touch with us.Regards,
This April, continue to make the most of our Hosting and Domain promotions! Read on to find out more about how you can experience the April Hosting Fever @ Waycomp Hosting and enjoy irresistible discounts on your favourite products:
Ransomware is the generic term for any malicious software that, as its name suggests, demands a ransom be paid by the computer’s user. Generally ransomware has done something unpleasant to your computer, and potentially to your data. For instance, it might have encrypted your documents and demanded that you pay a ransom to unlock access to them. This type of ransomware is known as a filecoder. The most notorious filecoder is Cryptolocker.
How would my computer get infected by ransomware like Cryptolocker? A typical method of infection would be to open an unsolicited email attachment or click on a link claiming to come from a trusted source.
Does antivirus software protect me from Ransomware? Majority of antivirus software products will NOT prevent the attack itself, and are generally the last line of defense. Cryptolocker is detected by ESET, however it would only detect the virus after it has encrypted your files; the reason for this is that encryption is an allowed functionality of Windows. i.e. You receive a file attached in an email which appears a a PDF, ZIP etc. and once you've opened the file and allowed the program to run, it creates a process within Windows to start encrypting the files.
The virus signature then gets attached to the files/OS, which is identified by ESET and then removed, but at this point it would be too late to stop the encryption from happening. We urge you to take precautions when opening suspicious attachments. Antivirus software's function is to stop a virus NOT encryption - the way encryption has been used in this attack is to mimic the behaviour of a virus.
If you are an ESET customer and are concerned about ransomware protection or think you have been targeted by ransomware, call our customer care. They will have the latest details on how to prevent and remediate ransomware attacks. Best practice to protect yourself against data loss is with regular backups. That way, no matter what happens, you will be able to restart your digital life quickly.
We are undertaking a major revamp of our email hosting infrastructure and platform and as a part of this we are happy to announce that email packages associated to your hosting orders on the below domains will be migrated to our new Open Xchange v7 (OX7) powered platform in February 2015.What this means for you:
What you need to do now:
Check out this demo installation with the following credentials to explore the new features to prepare for this change:
Please contact us in case of any questions or concerns regarding the information in this email.