Digital Defense, Inc. Discloses cPanel® & WHM® Vulnerability
Txylo.com/10101583
Trending...
- Orbital Energy Group, Inc. Announces Closing Of $35 Million Registered Direct Offering Priced At-The-Market Under Nasdaq Rules
- Wright's Media Announces New Collaboration with Wirecutter, A New York Times Company
- City Streaming TV, a Streaming Television Inc Network Launches, bringing Community and Faith Leaders into local TV's, At No Cost
Two-Factor Authentication Bypass Flaw Could Affect Over 70 Million Domains
SAN ANTONIO - Txylo -- – Digital Defense, Inc. (http://www.ddifrontline.com/), a leader in vulnerability and threat management solutions (https://www.digitaldefense.com/platform/), today announced that its Vulnerability Research Team (VRT) (https://www.digitaldefense.com/technologies/ddi...) uncovered a previously undisclosed vulnerability affecting the cPanel & WebHost Manager (WHM) web hosting platform. cPanel &WHM version 11.90.0.5 (90.0 Build 5) exhibits a two-factor authentication bypass flaw, vulnerable to brute force attack, resulting in a scenario where an attacker with knowledge of or access to valid credentials could bypass two-factor authentication protections on an account. Digital Defense's internal testing demonstrated that an attack can be accomplished in minutes.
"Our standard practice is to work in tandem with organizations on a coordinated disclosure effort to facilitate a prompt resolution to a vulnerability. The Digital Defense VRT reached out to cPanel who worked diligently on a patch. We will continue outreach to customers ensuring they are aware and able to take action to mitigate any potential risk introduced by the vulnerability," states Mike Cotton, senior vice president of engineering at Digital Defense.
More on Txylo.com
cPanel & WHM is a suite of tools built for Linux OS that allows hosting providers and users the ability to automate server management and web hosting tasks while simplifying the process of website hosting for the end user. Serving the global hosting community for over 20 years, cPanel touts having over 70 million domains launched on servers using cPanel & WHM to date.
What You Can Do
cPanel's recent advisory provides more details about the updates that have been released, which should be applied: https://news.cpanel.com/cpanel-tsr-2020-0007-full-disclosure/. For additional information, customers should contact cPanel directly.
Digital Defense Research Methodology and Practices
The Digital Defense VRT regularly works with organizations promoting the responsible disclosure of zero-day vulnerabilities. The expertise of the VRT, when coupled with the company's next generation hybrid cloud platform, Frontline Vulnerability Manager (https://www.digitaldefense.com/platform/frontline-vm/), enables early detection capabilities. When zero-days are discovered and internally validated, the VRT immediately contacts the affected vendor to notify the organization of the new finding(s) and assists, where possible, with the vendor's remediation actions.
More on Txylo.com
To view Digital Defense's zero-day advisories to date, please visit: https://www.digitaldefense.com/vulnerability-re....
About Digital Defense:
Serving clients across numerous industries, from small businesses to very large enterprises, Digital Defense's innovative and leading edge technology helps organizations safeguard sensitive data and eases the burdens associated with information security. Frontline Vulnerability Manager™, the original Vulnerability Management as a Service (VMaaS) platform, delivers consistently accurate vulnerability scanning and penetration testing, while SecurED®, the company's security awareness training, promotes employees' security-minded behavior.
"Our standard practice is to work in tandem with organizations on a coordinated disclosure effort to facilitate a prompt resolution to a vulnerability. The Digital Defense VRT reached out to cPanel who worked diligently on a patch. We will continue outreach to customers ensuring they are aware and able to take action to mitigate any potential risk introduced by the vulnerability," states Mike Cotton, senior vice president of engineering at Digital Defense.
More on Txylo.com
- Port Houston Commission Meeting January 26
- CPS Energy Seeks Applicants For Rate Advisory Committee
- San Antonio: Councilwoman Jada Andrews-Sullivan issues statement on violence in District 2
- Geospace Technologies Reports First Quarter 2021 Results and Conference Call Schedule
- Texas nut company brings healthy nut mixes, candies to the health conscious
cPanel & WHM is a suite of tools built for Linux OS that allows hosting providers and users the ability to automate server management and web hosting tasks while simplifying the process of website hosting for the end user. Serving the global hosting community for over 20 years, cPanel touts having over 70 million domains launched on servers using cPanel & WHM to date.
What You Can Do
cPanel's recent advisory provides more details about the updates that have been released, which should be applied: https://news.cpanel.com/cpanel-tsr-2020-0007-full-disclosure/. For additional information, customers should contact cPanel directly.
Digital Defense Research Methodology and Practices
The Digital Defense VRT regularly works with organizations promoting the responsible disclosure of zero-day vulnerabilities. The expertise of the VRT, when coupled with the company's next generation hybrid cloud platform, Frontline Vulnerability Manager (https://www.digitaldefense.com/platform/frontline-vm/), enables early detection capabilities. When zero-days are discovered and internally validated, the VRT immediately contacts the affected vendor to notify the organization of the new finding(s) and assists, where possible, with the vendor's remediation actions.
More on Txylo.com
- Ascend Performance Materials' Acteev technology takes prize at Outdoor Retailer Innovation Awards
- Texas: Governor Abbott, TDEM Expand COVID-19 Rapid Testing Program For Front Line Workers Of Small Businesses
- Noble Midstream Partners to Host Conference Call and Webcast on February 12
- Q4 2020 | Austin Office | Research & Forecast Commericial Real Estate Report
- San Antonio: Councilwoman Shirley Gonzales' Statement Regarding her Amendment to the FY 2021 HUD Action Plan and Budget
To view Digital Defense's zero-day advisories to date, please visit: https://www.digitaldefense.com/vulnerability-re....
About Digital Defense:
Serving clients across numerous industries, from small businesses to very large enterprises, Digital Defense's innovative and leading edge technology helps organizations safeguard sensitive data and eases the burdens associated with information security. Frontline Vulnerability Manager™, the original Vulnerability Management as a Service (VMaaS) platform, delivers consistently accurate vulnerability scanning and penetration testing, while SecurED®, the company's security awareness training, promotes employees' security-minded behavior.
Source: Digital Defense, Inc.
Filed Under: Technology
0 Comments
Latest on Txylo.com
- China Refuses to Accept Service of Berman Law Group's Coronavirus Class Action Complaint
- Texas Instruments board declares first quarter 2021 quarterly dividend
- Love & Sip Valentine Brunch with Celebrity The Comedian, Tomea, Grammy Saxophonist Jason Davis, Gospel Contemporary Duo, Only God Ministries
- Corey Edward and FyreSyde Publishing Announce the Release of Friday Nightmares
- Rustic Deco Launches B2B Wholesale Furniture Website
- Phillips 66 Receives $3 Million Grant to Advance Reversible Solid Oxide Fuel Cell Technology
- GoFind Inc Files for Voluntary Dissolution
- Houston Native Denaron Will Release Single "Wild Out" Featuring Young Dro Febuary 2, 2021
- Surgical Notes Releases E-book on Ambulatory Surgery Center Revenue Cycle Outsourcing
- U.S. Physical Therapy, Inc. Schedules Fourth Quarter and Year Ended 2020 Release and Conference Call for Thursday, February 25, 2021
- IOTech names Gavin Hunter as VP of global marketing
- Houston: Mayor Sylvester Turner's Statement on the State's Cancer Cluster Investigations In Fifth Ward
- Introducing BIAMI.IO Apps Framework
- Parks Associates Announces 2021 Events Focused on the Connected Consumer, Home Automation and Security, Energy Management, Connected Health and Independent Living, and Digital Content and Video Services
- Jacobs Develops a New Service to Improve Home-to-School Travel Experience for Special Education Needs Children and Young People
- Valentine Holiday New Hottest Graphics Designs printed on Apparel by Stream Info Brokers on sale!
- Vista Equity Partners Pioneers Investor Engagement Center to Advance Limited Partner Relationship Management
- City of San Antonio lays out goals and timeline for collective bargaining with the police union
- Celanese to Host Virtual 2021 Investor Day
- RW Richard Announces the Release of Cinnamon & Sugar