Check your host's cPanel is up to date say Hacker News

24 November 2020.

Strange that cPanel Security News has not yet reported this BUT Hacker News report that cPanel has patched a security vulnerability that could have allowed remote attackers with access to valid credentials to bypass two-factor authentication (2FA) protection on an account.

QUOTE

"The issue, tracked as "SEC-575" and discovered by researchers from Digital Defense, has been remedied by the company in versions:

• 11.92.0.2,
• 11.90.0.17, and
• 11.86.0.32

of the software."

Source: The Hacker News - see link below.

Read more: 2-Factor Authentication Bypass Flaw Reported in cPanel and WHM Software.

Update 29 Nov 2020

cPanel are now reporting this in cPanel Security News.

Read more: cPanel TSR-2020-0007 Full Disclosure.

Check your host's cPanel is up to date

Do not assume your hosting provider is keeping up to speed with developer roll-outs of security releases.

Visit the above link for more details.

Recommended

Subscribe to The Hacker News newsletter when you visit the above link.

About The Hacker News

"The Hacker News (THN) is a leading, trusted, widely-acknowledged dedicated cybersecurity news platform, attracting over 8 million monthly readers including IT professionals, researchers, hackers, technologists, and enthusiasts."

Read more: About 'The Hacker News' Media.

Protect your device, browser & web connection

When thinking about website security, it is easy to overlook the:

• device (operating system) used to connect to your website,
• the way you connect (your web browser) to the internet, and
• how you connect (in the clear or via encryption).

Read more: Protect your device, browser & web connection.