cPanel support server compromised 22-Feb-2013

Please see the following security notification from cPanel that indicates that one of their support server has been compromised.

If you opened any case with cPanel on behalf of your server within 6 months, Then you should change the password of your root and any other account with sudo access.

My advice is to have a detailed verification on the following,

– ~.ssh/authorized_keys*, ie on root and sudo accounts.
– Last login IP’s
– Log file /var/log/messsages , /var/log/secure etc.

**Email received from cPanel**

[![](https://res.cloudinary.com/jobnix/image/upload/v1415999900/jobnix-cPanel-support-compromised_dyfucm.jpg “jobnix-cPanel-support-compromised”)](https://res.cloudinary.com/jobnix/image/upload/v1415999900/jobnix-cPanel-support-compromised_dyfucm.jpg)

 

 

0 0 votes
Article Rating
Subscribe
Notify of
guest
0 Comments
Oldest
Newest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x
Scroll to Top