On 16th February 2023, GoDaddy Inc, an American Internet domain registrar and web hosting company, released a statement disclosing a multi-year security breach, which enabled an unknown threat actor to install malware and siphon source code related to some of its services.

Initially, in December 2022, GoDaddy received a small number of customer complaints about their websites being redirected to malicious sites. When GoDaddy investigated, it found that an unauthorized third party had gained access to servers hosted in its 'cPanel environment' and installed malware that caused the redirection of the websites. Further, during the investigation, it found that this campaign was carried out by a sophisticated and organized group targeting the services provided by GoDaddy, ultimately to use these malware-infected websites and servers for phishing campaigns, malware distribution, and other malicious activities. In response to the incident, GoDaddy remediated the situation and implemented additional security measures to prevent future security incidents.

Additionally, related to this incident, GoDaddy said in a 10-K filing made with the U.S. Securities and Exchange Commission (SEC) that the December 2022 incident has connections to the two previous security incidents it suffered in March 2020 and November 2021. The security incident in March 2020 resulted in the compromise of the hosting login credentials of at least 28,000 hosting customers and a small number of its employees. Similarly, during the 2021 security incident, a rogue threat actor compromised a password and accessed the provisioning system in its legacy code base for Managed WordPress (MWP), affecting at least 1.2 million active and inactive MWP customers across multiple GoDaddy brands.

Security administrators should make sure that all applications, databases, servers, and network devices are periodically hardened and adequately configured. Organizations should conduct a periodic security assessment and architecture review of critical assets exposed over the Internet. Security administrators must change the default ports for critical services and only open the minimum ports required by each device. Users should not download suspicious applications or attachments received over the internet and should stay alert to social engineering and phishing attacks. Organizations are recommended to have a behavioral detection solution in place to successfully detect the presence of malware payloads. System administrators should regularly take backups of the applications, databases, and all critical data.