Popular on eTradeWire
- British Entrepreneur Predicts Travel Will Bounce-Back in 2021 - 536
- Serial Entrepreneur Yahaira Marie overcomes poverty to create Global Community for Small Businesses - 444
- CedintheCity Presents a New Picture Book Series Teaching Global Diversity - 247
- Get Cozy with A Winter Getaway In the Long Beach Island Region - 220
- Latin Pop/Rock group Al Cielo - First Time Meeting In Person - 199
- Project Expedition Launches Shore Excursions Platform for Travel Advisors - 167
- Financial Solutions Inc. Receives the 2020 Best of Sheridan Wyoming Award - 133
- Rock Climbers Want Sick Shirts - 130
- Weddings Beautiful Worldwide announces Jacqueline Vazquez as new CEO - 129
- Moss Foundation Donates $75K to Children's Charities - 120
Similar on eTradeWire
- To succeed with your cloud adoption journey talk to Triumph Tech.io
- Adyton Announces Mobile Performance Assurance + Intelligence Augmentation Tech
- New Yorker Electronics Introduces CIT Relay & Switch Automotive Relay Series
- IOTech names Gavin Hunter as VP of global marketing
- NetGain Technologies Acquires Arnet Technologies and LK TECH
- Introducing BIAMI.IO Apps Framework
- TechnoEdge Learning Launches New CompTIA Network+ Course as Part of Partnership with CompTIA
- Tero Peltomäki Appointed as New CEO of Cimcorp
- New Yorker Electronics Releases Expanded VPG C4A Series Stress Analysis Strain Gage Sensors
- Actuated Medical Receives SBA's Prestigious Tibbets Award
Digital Defense, Inc. Discloses cPanel® & WHM® Vulnerability
eTradeWire News/10595899
Two-Factor Authentication Bypass Flaw Could Affect Over 70 Million Domains
SAN ANTONIO - eTradeWire -- – Digital Defense, Inc. (http://www.ddifrontline.com/), a leader in vulnerability and threat management solutions (https://www.digitaldefense.com/platform/), today announced that its Vulnerability Research Team (VRT) (https://www.digitaldefense.com/technologies/ddi...) uncovered a previously undisclosed vulnerability affecting the cPanel & WebHost Manager (WHM) web hosting platform. cPanel &WHM version 11.90.0.5 (90.0 Build 5) exhibits a two-factor authentication bypass flaw, vulnerable to brute force attack, resulting in a scenario where an attacker with knowledge of or access to valid credentials could bypass two-factor authentication protections on an account. Digital Defense's internal testing demonstrated that an attack can be accomplished in minutes.
"Our standard practice is to work in tandem with organizations on a coordinated disclosure effort to facilitate a prompt resolution to a vulnerability. The Digital Defense VRT reached out to cPanel who worked diligently on a patch. We will continue outreach to customers ensuring they are aware and able to take action to mitigate any potential risk introduced by the vulnerability," states Mike Cotton, senior vice president of engineering at Digital Defense.
More on eTradeWire News
cPanel & WHM is a suite of tools built for Linux OS that allows hosting providers and users the ability to automate server management and web hosting tasks while simplifying the process of website hosting for the end user. Serving the global hosting community for over 20 years, cPanel touts having over 70 million domains launched on servers using cPanel & WHM to date.
What You Can Do
cPanel's recent advisory provides more details about the updates that have been released, which should be applied: https://news.cpanel.com/cpanel-tsr-2020-0007-full-disclosure/. For additional information, customers should contact cPanel directly.
Digital Defense Research Methodology and Practices
The Digital Defense VRT regularly works with organizations promoting the responsible disclosure of zero-day vulnerabilities. The expertise of the VRT, when coupled with the company's next generation hybrid cloud platform, Frontline Vulnerability Manager (https://www.digitaldefense.com/platform/frontline-vm/), enables early detection capabilities. When zero-days are discovered and internally validated, the VRT immediately contacts the affected vendor to notify the organization of the new finding(s) and assists, where possible, with the vendor's remediation actions.
More on eTradeWire News
To view Digital Defense's zero-day advisories to date, please visit: https://www.digitaldefense.com/vulnerability-re....
About Digital Defense:
Serving clients across numerous industries, from small businesses to very large enterprises, Digital Defense's innovative and leading edge technology helps organizations safeguard sensitive data and eases the burdens associated with information security. Frontline Vulnerability Manager™, the original Vulnerability Management as a Service (VMaaS) platform, delivers consistently accurate vulnerability scanning and penetration testing, while SecurED®, the company's security awareness training, promotes employees' security-minded behavior.
"Our standard practice is to work in tandem with organizations on a coordinated disclosure effort to facilitate a prompt resolution to a vulnerability. The Digital Defense VRT reached out to cPanel who worked diligently on a patch. We will continue outreach to customers ensuring they are aware and able to take action to mitigate any potential risk introduced by the vulnerability," states Mike Cotton, senior vice president of engineering at Digital Defense.
More on eTradeWire News
- Wedding Photographs Finalists in Street Photography Competition
- Beta-Glucan Assay Kit (Fluorometric)
- How Physical Therapy Can Help With Back Pain
- Teri Isner Awarded Prestigious "Premier Luxury Marketing Consultant" Certification
- China Refuses to Accept Service of Berman Law Group's Coronavirus Class Action Complaint
cPanel & WHM is a suite of tools built for Linux OS that allows hosting providers and users the ability to automate server management and web hosting tasks while simplifying the process of website hosting for the end user. Serving the global hosting community for over 20 years, cPanel touts having over 70 million domains launched on servers using cPanel & WHM to date.
What You Can Do
cPanel's recent advisory provides more details about the updates that have been released, which should be applied: https://news.cpanel.com/cpanel-tsr-2020-0007-full-disclosure/. For additional information, customers should contact cPanel directly.
Digital Defense Research Methodology and Practices
The Digital Defense VRT regularly works with organizations promoting the responsible disclosure of zero-day vulnerabilities. The expertise of the VRT, when coupled with the company's next generation hybrid cloud platform, Frontline Vulnerability Manager (https://www.digitaldefense.com/platform/frontline-vm/), enables early detection capabilities. When zero-days are discovered and internally validated, the VRT immediately contacts the affected vendor to notify the organization of the new finding(s) and assists, where possible, with the vendor's remediation actions.
More on eTradeWire News
- PODS® Phoenix is Ringing in the New Year with Helpful DIY Tips for Simple Garage Storage
- Ahlers & Ogletree's three-day, online-only A Collector's Dream auction, Jan. 15-17, tops $2 million
- Love & Sip Valentine Brunch with Celebrity The Comedian, Tomea, Grammy Saxophonist Jason Davis, Gospel Contemporary Duo, Only God Ministries
- Connie Gohata Awarded Prestigious "Premier Luxury Marketing Consultant" Certification
- Crystal Perez Awarded Prestigious "Premier Luxury Marketing Consultant" Certification
To view Digital Defense's zero-day advisories to date, please visit: https://www.digitaldefense.com/vulnerability-re....
About Digital Defense:
Serving clients across numerous industries, from small businesses to very large enterprises, Digital Defense's innovative and leading edge technology helps organizations safeguard sensitive data and eases the burdens associated with information security. Frontline Vulnerability Manager™, the original Vulnerability Management as a Service (VMaaS) platform, delivers consistently accurate vulnerability scanning and penetration testing, while SecurED®, the company's security awareness training, promotes employees' security-minded behavior.
Source: Digital Defense, Inc.
Filed Under: Technology, Security
0 Comments
Latest on eTradeWire News
- KYC2020 Awarded as a Global Leader in AML Compliance by RegTech Analyst
- GoFind Inc Files for Voluntary Dissolution
- Big Win For Mizner CC's Women's Tennis Team
- Ashton College Launches CBA-Accredited Certificate of Accounting Program
- Ponos Industries Extends Tender Offer for up to 2,000,000 Shares of Common Stock of Verizon Communications Inc
- Harrisburg Location of Exeter Orthodontics Offering Families Affordable Braces
- Chipkin's BBMD – BACnet Broadcasts Solved
- My Puppies Palace: Enjoy Top Quality Products For Your Pooch
- Virginia Solar Summit Set to Scale Up Ground-Mounted Solar Power on Mine Lands and Brownfields
- Dedeaux Properties Closes Out 2020 with $500 MM in Industrial Real Estate Transaction Volume
- Five Stuart Kane Attorneys Recognized in 2021 Southern California Super Lawyers List
- Successful Marquette Financial Advisor releases landmark book about faith and financial wisdom
- Director Joseph Faucher Recognized by 2021 Southern California Super Lawyers
- Super Lawyers 2021 Selects Six Umberg/Zipser Attorneys
- Nashville Valentine's Day Package Love Is Not Cancelled
- Watch Harjaei Series On Our Site For Free Today!
- VPI Now Offering Antibacterial/Antimicrobial CAT6a Shielded Patch Cables
- New Speakers from New Nations Announced for Helicopter Technology Central and Eastern Europe 2021
- Houston Native Denaron Will Release Single "Wild Out" Featuring Young Dro Febuary 2, 2021
- StroudwaterGCL Rural Healthcare Capital Welcomes Industry Leader as Chief Executive Officer