#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

Web hosting service | Breaking Cybersecurity News | The Hacker News

Category — Web hosting service
Hostinger Suffers Data Breach – Resets Password For 14 Million Users

Hostinger Suffers Data Breach – Resets Password For 14 Million Users

Aug 26, 2019
Popular web hosting provider Hostinger has been hit by a massive data breach, as a result of which the company has reset passwords for all customers as a precautionary measure. In a blog post published on Sunday, Hostinger revealed that "an unauthorized third party" breached one of its servers and gained access to "hashed passwords and other non-financial data" associated with its millions of customers. The incident occurred on August 23 when unknown hackers found an authorization token on one of the company's servers and used it to gain access to an internal system API, without requiring any username and password. Immediately after the breach discovery, Hostinger restricted the vulnerable system, making this access no longer available, and contacted the respective authorities. "On August 23rd, 2019 we have received informational alerts that one of our servers has been accessed by an unauthorized third party," Hostinger said. "This...
5 Popular Web Hosting Services Found Vulnerable to Multiple Flaws

5 Popular Web Hosting Services Found Vulnerable to Multiple Flaws

Jan 16, 2019
A security researcher has discovered multiple one-click client-side vulnerabilities in the some of the world's most popular and widely-used web hosting companies that could have put millions of their customers as well as billions of their sites' visitors at risk of hacking. Independent researcher and bug-hunter Paulos Yibelo, who shared his new research with The Hacker News, discovered roughly a dozen serious security vulnerabilities in Bluehost, Dreamhost, HostGator, OVH, and iPage, which amounts to roughly seven million domains. Some of the vulnerabilities are so simple to execute as they require attackers to trick victims into clicking on a simple link or visiting a malicious website to easily take over the accounts of anyone using the affected web hosting providers. Critical Flaws Reported in Popular Web Hosting Services Yibelo tested all the below-listed vulnerabilities on all five web hosting platforms and found several account takeover, cross-scripting, and in...
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments

Dec 04, 2024Risk Management / Zero Trust
Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and poor access management.  Privileged accounts with access to your critical systems and sensitive data are among the most vulnerable elements in cloud setups. When mismanaged, these accounts open the doors to unauthorized access, potential malicious activity, and data breaches. That's why strong privileged access management (PAM) is indispensable. PAM plays an essential role in addressing the security challenges of complex infrastructures by enforcing strict access controls and managing the life cycle of privileged accounts. By employing PAM in hybrid and cloud environments, you're not...
Web Hosting Company Pays $1 Million to Ransomware Hackers to Get Files Back

Web Hosting Company Pays $1 Million to Ransomware Hackers to Get Files Back

Jun 19, 2017
South Korean web hosting provider has agreed to pay $1 million in bitcoins to hackers after a Linux ransomware infected its 153 servers, encrypting 3,400 business websites and their data, hosted on them. According to a blog post published by NAYANA, the web hosting company, this unfortunate event happened on 10th June when ransomware malware hit its hosting servers and attacker demanded 550 bitcoins (over $1.6 million) to unlock the encrypted files. However, the company later negotiated with the cyber criminals and agreed to pay 397.6 bitcoins (around $1.01 million) in three installments to get their files decrypted. The hosting company has already paid two installments at the time of writing and would pay the last installment of ransom after recovering data from two-third of its infected servers. According to the security firm Trend Micro , the ransomware used in the attack was Erebus that was first spotted in September last year and was seen in February this year with Win...
cyber security

The AppSec & R&D Playbook: How to Align Security and Innovation

websiteBackslashApplication Security
AppSec vs. R&D? Bridge the gap with clear steps to streamline workflows and foster collaboration.
The Pirate Bay loses its Main Domain Name in Court Battle

The Pirate Bay loses its Main Domain Name in Court Battle

May 13, 2016
The Pirate Bay has fought many legal battles since its launch in 2003 to keep the website operational for the last 13 years. However, this time The Pirate Bay is suffering a major blow after the Swedish Court ruled Thursday that it will take away the domain names 'ThePirateBay.se' and 'PirateBay.se' of the world's most popular torrent website and will hand over them to the state. As its name suggests, The Pirate Bay is one of the most popular file-sharing torrent site predominantly used for downloading pirated or copyrighted media and programs free of charge. Despite the criminal convictions, the torrent site remains functioning although it has moved to different Web domains several times. However, this time, The Pirate Bay loses its main .SE domain, the world's 225th most popular website according to the Alexa ranking, according to Swedish newspaper DN . "In common with the District Court ruling the Court of Appeal finds that there is a b...
Biggest Free Hosting Company Hacked; 13.5 Million Plaintext Passwords Leaked

Biggest Free Hosting Company Hacked; 13.5 Million Plaintext Passwords Leaked

Oct 28, 2015
The world's most popular Free Web Hosting company 000Webhost has suffered a major data breach, exposing more than 13.5 Million of its customers' personal records. The stolen data includes usernames, passwords in plain text, email addresses, IP addresses and last names of around 13.5 Million of 000Webhost's customers. According to a recent report published by Forbes , the Free Hosting service provider 000Webhost was hacked in March 2015 by an anonymous hacker. In a post on its official Facebook page, the hosting company has acknowledged the data breach and posted the following statement: "We have witnessed a database breach on our main server. A hacker used an exploit in old PHP version to upload some files, gaining access to our systems. Although the whole database has been compromised , we are mostly concerned about the leaked client information." The stolen data was obtained by Troy Hunt , an Australian security researcher, who received the dat...
Expert Insights / Articles Videos
Cybersecurity Resources