On May 12, 2017, hackers exploiting a vulnerability in Microsoft Windows have attacked a large number of PCs worldwide, including hospitals in the UK and elsewhere and have infected vulnerable PCs with “ransomware” demanding payment in order to unlock the infected computer. The malware propagates by tricking email recipients into clicking on infected attachments. Once… Read More »
Domain registrar OpenSRS warns that there is an ongoing phishing attack against domain owners. The object is to trick you into providing credentials that will let the bad guys hijack your domain. If you get email claiming that your domain has been suspended, do not click any of the links or reply to the email… Read More »
The FBI has warned that ISIL is exploiting vulnerabilities in WordPress sites running out-of-date versions of WordPress or old versions of certain plugins or themes to deface the sites. The FBI’s statement: http://www.ic3.gov/media/2015/150407-1.aspx Sucuri’s writeup with mention of specific plugins to check: http://blog.sucuri.net/2015/04/fbi-public-service-annoucement-defacements-exploiting-wordpress-vulnerabilities.html The current version of WordPress (as of 4/8/2015) is 4.1.1. If you… Read More »
We are patching and rebooting all linux servers for the ‘GHOST‘ security vulnerability. Reboots aren’t needed often with linux, but because this patch replaces a library (glibc) that is used by many programs on each server, a reboot is required.
According to Ars Technica, encrypted eBay passwords and other information have been stolen by cyberattackers. If you have an eBay account, change your password ASAP. If your eBay password is one you’ve used on other services, including your accounts with HIS, change those passwords too, and don’t use the same password on more than one… Read More »
You may have read about the bug in OpenSSL that allowed attackers to access random 64k byte chunks of memory. This bug was reported by CERT on Monday, April 7, 2014. Software vendors supplied patches on April 7 and 8. A few of our SSL servers were vulnerable, and we had all patches applied and were… Read More »
Windows XP has reached end-of-life, and there will be no updates or security patches for XP after April 8, 2014. The bad news is that CERT estimates that 30% of all internet-connected PCs are still running XP, so a lot of people are going to be exposed to the latest malware with no help from… Read More »
his.com and hers.com mailboxes on mail.his.com have been increased in size to 5 gigabytes. You can add disk storage if you need it for $1/gb/month. You can check your storage status by logging on to https://webmail.his.com and hovering your mouse over the bar under your name at the top of the screen. Tip: if you… Read More »
There’s a significant attack by a botnet on WordPress sites, where the bots are trying to guess the passwords of common admin logins. More info: http://arstechnica.com/security/2013/04/huge-attack-on-wordpress-sites-could-spawn-never-before-seen-super-botnet/ If you are using WordPress and are using a common username or a common password, change it immediately to something less obvious. Update your WordPress admin password when in… Read More »
In order to expand disk space to accommodate larger user disk allowances, Zimbra servers mail.his.com and dc.his.com will be taken offline briefly this weekend: mail.his.com – starting at 3 AM EDT, Saturday, April 6th – COMPLETED 5:20 AM April 6 dc.his.com – starting at 3 AM EDT, Sunday, April 7th – COMPLETED with no downtime.