Evo ga resenje. Mail dobijen isto od Wiredtree sa sledecim objasnjenjem:
Citat:
Our security team had been following some wide spread reports of root level compromises over the course of a couple of weeks. As time went on more and more were being reported, and we saw a handful on our network. One thing all of the servers compromised had in common was that SSHd was enabled with password authentication. We blocked SSHd temporarily as a precautionary measure, however we have since learned that SSHd was not the actual culprit.
We have been informed by cPanel that one of their servers in their Technical Support department was compromised and after further investigation, we have found that servers that were compromised had a cPanel ticket opened at one point where root level SSH access was given to cPanel Support so they could log in from their support offices. This extends back as far back to tickets being opened with cPanel support in October 2012.
|