RSS Feed
News
Jun
11
CPanel EXIM Vulnerabilities and Patches
Posted by Steven m on 11 June 2019 07:02 AM

Hi,

We were notified about some major vulnerabilities with CPanel's current version of EXIM and it can lead to exploitation for crypto attacks.  As a result, we have since the 6th of June been patching all of our servers.  All our shared servers are protected, but we need our dedicated and VPS clients to contact us ASAP.  We will be upgrading them as well as fast as possible.  If you don't want to upgrade, let us know, but we will be pushing heavily for it. 

We want to provide you with information regarding an Exim exploit that NIST has posted about today:
https://nvd.nist.gov/vuln/detail/CVE-2019-10149

This Exim exploit could affect any servers running cPanel & WHM versions below our latest LTS version which, as of this email is, v78.0.27. For more information about this Exim exploit, please see the link above.
We recommend that you update any servers below cPanel & WHM v78.0.27, promptly, to ensure that you've received the latest system updates.
If you have any issues with the updates, please contact our technical support analysts for assistance:
 
-Steven

Read more »



Jan
28
CPanel Updates January 2019
Posted by Steven m on 28 January 2019 10:45 AM

Date:  January 22, 2019 - Till Completition.

Time:  Ongoing

Scope of Work:

We will be upgrading our CPanel control panel software to the latest stable versions for all shared servers.  The update addresses some bug fixes as well as security patches necessary to give us a stable platform to provide to clients.  Due to the number of servers we have in our fleet, we have to perform continuous rolling upgrades.  The upgrade will not really impair any functions, just for a short duration few minutes or so, the control panel will not be available. 

Dedicated and VPS clients are urged to contact us to schedule upgrades as well.


Read more »



Jun
29
[Unaffected] Comcast Network Issues June 29 2018
Posted by steven m on 29 June 2018 11:59 AM

Comcast, one of the largest network operators in the United States is having significant network instability throughout the country.  This issue doesn't affect our datacenter at all.
While we do not have Comcast as an ISP in our mix, many of our clients use Comcast as their home ISP.  If you are one of these clients and see your systems as down, it's not.  It's just a Comcast outage.  There is no ETR (estimated time of repair).   We will try to keep you posted here.

 


Read more »



May
4
Removing TLSv1 Support For PCI Compliance
Posted by steven m on 04 May 2018 08:39 AM

Date:  May 4, 2018 - May 6, 2018

Time:  23:00 PST (GMT -7:00)

Scope of Work:

Starting at 23:00 PST we systematically be removing support for TLSv1 on all of our shared servers.  We are doing this in anticipation of the upcoming June 30, 2018 global removing of support for this protocol.  You can read more about it here:  https://blog.pcisecuritystandards.org/are-you-ready-for-30-june-2018-sayin-goodbye-to-ssl-early-tls .  .  For VPS/dedicated server clients, please contact us and we can try to schedule your system upgrades at a time that fits best with your business.  For all others, we will be rolling out updates all day and it will probably take mulitiple days due to the amount of systems that will need to be updated.

This is just an informational message.


Read more »



Mar
27
Los Angeles Generator Monthly Run Test March 27, 2018
Posted by steven m on 27 March 2018 08:29 AM

Date:  March 27, 2018

Time:  10:00AM PST (GMT -7:00)

Scope of Work:

At 10AM PST we will run our generators for the monthly testing that we perform.  We do this to ensure that in the event of an emergency, they will function flawlessly.  There is no interruption to your services, or any downtime associated with this as we are just powering them on and running them for a specified amount of time, and turning them off again. 

This is just an informational message.


Read more »



Jan
4
Operating System Vulnerabilities and Patches
Posted by steven m on 04 January 2018 09:54 AM

Date:  January 4, 2018

Time:  Ongoing

Scope of Work:

We will be patching our systems as erratas become available.  There were multiple vulnerabilities found in Intel and AMD chips.  It is called speculative execution.  As it stands now, Centos 7 servers can be patched, and we will be patching all Centos 6 systems when the patch is made available.  For dedicated server clients, please contact us and we can try to schedule your system patches at a time that fits best with your business.  For all others, we will be rolling out updates all day and it will probably take mulitiple days due to the amount of systems that will need to be patched.  Once the patch is setup on the server(s), then a reboot will need to be initiated.  You should also look at your own computer (home or office) as there is a high probability that it too would be affected as this is a massive vulnerability. 

https://access.redhat.com/security/vulnerabilities/speculativeexecution

https://www.forbes.com/sites/thomasbrewster/2018/01/03/intel-meltdown-spectre-vulnerabilities-leave-millions-open-to-cyber-attack/#458703d33932

As always, if you have any questions, please feel free to contact us.

 


Read more »