Processing
Home
My Account
Member Home
Edit Your Profile
Edit Your Password
Sub Accounts
Refill Account
View/Pay Invoices
Recent Transactions
Recent History
Correspondence Archive
Login
Create Account
Domains
Register Domain
Transfer Domain
Manage Domains
Domain Profiles
Transfer Status
Whois Lookup
My Packages
View Hosting Accts
View Server Accts
Other Orders
Downloads
Download Archives
Help & Info
Member News
Templates
Online CC Processing
Retail CC Processing
SSL Certificates
Knowledge Base
Support System
Affiliate Info
Terms of Service
Contact Us
Login
News Archives
Your Requested News Article
Search the News Database for:
Article #41 Date Entered: 06-01-2009
Dear Customers,
Please be advised that there is currently a serious security vulnerability in Adobe products which could affect your website hosting.
If you are not running the most recently patched versions of Adobe Acrobat and Adobe Flash Player you are at risk for compromising your web sites. A recently discovered vulnerability in this software which runs locally on your computer can lead to malware stealing your FTP credentials with the potential for much more. This poses a significant security risk to your server and web sites, leading to attackers using client FTP credentials to deface web sites and insert malicious code which can exploit things further. Below is a description of the risk from the United States Computer Emergency Readiness Team.
Here are two quick links to update your versions:
http://get.adobe.com/flashplayer/
http://get.adobe.com/reader/
Lastly, please be sure that you are up to date with good antivirus software on your local computer. If you discover by surfing any of your web sites that they have been affected, please enter a support ticket and our team can help to mitigate any damage done and issue new FTP/other credentials. It is crucial that your local software and virus protection be up to date.
Information as published on:
http://www.us-cert.gov/current/
Gumblar Malware Exploit Circulating
added May 18, 2009 at 12:47 pm
US-CERT is aware of public reports of a malware exploit circulating. This is a drive-by-download exploit with multiple stages and is being referred to as Gumblar. The first stage of this exploit attempts to compromise legitimate websites by injecting malicious code into them. Reports indicate that these website infections occur primarily through stolen FTP credentials but may also be compromised through poor configuration settings, vulnerable web applications, etc. The second stage of this exploit occurs when users visit a website compromised by Gumblar. Users who visit these compromised websites and have not applied updates for known PDF and Flash Player vulnerabilities may become infected with malware. This malware may be used by attackers to monitor network traffic and obtain sensitive information, including FTP and login credentials, that can be used to conduct further exploits. Additionally, this malware may also redirect Google search results for the infected user.
US-CERT encourages users and administrators to apply software updates in a timely manner and use up-to-date antivirus software to help mitigate the risks.
US-CERT will provide additional information as it becomes available
Return to Search
Copyright © 2010 Scout Web Solutions, LLC. All rights reserved.
