Malware changes daily, sometimes hourly.

To keep servers safe, you must make sure your Imunify360 malware database is always up to date. We're striving to make Imunify360 the easiest way to keep Linux web servers secure. So we're announcing that, as of July 10, 2019, the Imunify360 and ImunifyAV malware and black hash databases get updates every business day.

Do you fight malware from the knife-edge of the command line, or the plush refinement of the GUI? That’s today’s poll—it only takes a second.There are several ways of managing servers and controlling their applications and services. We’re curious what type of interface you prefer while working with Imunify360: Command Line or UI. Which do you prefer? Your feedback helps us improve Imunify360 and make it everything a Linux web hosting ninja needs for all-round server cybersecurity.What type of automation/tools are you using?

We are pleased to announce that the new updated ImunifyAV version 4.2 is now scheduled for gradual roll-out from our production repository and will be available for all customers in about two weeks or less.If you want to upgrade to the new ImunifyAV version 4.2 right now, you can run the following commands:wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.shbash imunify-force-update.shCurrent release infoVersion: 4.2.6-4Rolled out to: 1%Last updated: July 15, 2019 11am ESTSummaryAdded event hooks to process events asynchronouslyImproved scanning engine and signaturesEnhanced ignore list for the system files / mailboxesIntroduced background scanningIgnore list could ...

We are pleased to announce that the new Imunify360 version 4.2 is now scheduled for gradual roll-out from our production repository and will be available for all customers in about two weeks or less.​If you want to upgrade to the new Imunify360 version 4.2 right now, you can run the following commands:wget https://repo.imunify360.cloudlinux.com/defence360/imunify-force-update.shbash imunify-force-update.shCurrent release infoVersion: 4.2.6-4Rolled out to: 1%Last updated: July 15, 2019 11am ESTEnhancementsHooksStarting from v4.2, Imunify360 supports ‘hooks’. This is a script-based interface for various application events, such as “malware-detected”, “malwar...

We are pleased to announce that the new updated ImunifyAV version 4.2.6 beta is now available.FixesDEF-8786: additional properties are not allowed ('errors' was unexpected)DEF-8968: check schema validationDEF-9084: disable Native Feature Management in ImunifyAV/AV+TasksDEF-8639: investigated and fixed agent response validation errorsDEF-9078: ai-bolit 4.0.3-1 is added to release of agent 4.2.x DEF-9089: removed news from av-client sideHow to installTo install the new ImunifyAV version 4.2.6, please run the commands:wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.shbash imav-deploy.sh --betaTo upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:yum update imunif...

We are pleased to announce that the new updated Imunify360 version 4.2.6 beta is now available.FixesDEF-8786: additional properties are not allowed ('errors' was unexpected)DEF-8968: check schema validationDEF-9084: disable Native Feature Management in ImunifyAV/AV+TasksDEF-8639: investigated and fixed agent response validation errorsDEF-9078: ai-bolit 4.0.3-1 is add to the release of agent 4.2.x DEF-9089: removed news from av-client sideDEF-9098: included WebShield 1.7-13 into 4.2DEF-9121: new package of Proactive Defense 4.2.5-1.1 is added to release of agent 4.2.xHow to installTo install the new Imunify360 version 4.2.6 betaPlease follow the instructions in the documentation.To upgrade Im...

This time we invite you to share your experience regarding one of the non-typical security issues - database malware injection / infections. Also, we are thankful to you for participating in the recent poll and ready to share the results regarding the question "What 3 features are the most valuable for you in Imunify360?" 

We really appreciate your participation and want to thank you all for your contribution to the Imunify products.Our last poll was about the security policy you choose for your servers. ~95% of participants voted for the “Block everything but leave some certain ports opened”.This time we’d like you to share thoughts about Imunify features. Please, use comments below the poll for feature requests, advice and other extended comments.

We are pleased to announce that the new updated ImunifyAV version 4.2.5 beta is now available.

Fixes

• DEF-8928: fixed KeyError 'license_type'

How to install

To install the new ImunifyAV version 4.2.5, please run the commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.shbash imav-deploy.sh --beta

To upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:

yum update imunify-antivirus --enablerepo=imunify360-testing

We are pleased to announce that the new updated Imunify360 version 4.2.5 beta is now available.

Fixes

• DEF-8928: fixed KeyError 'license_type'

Tasks

• DEF-8996: the new package of Proactive Defense 4.2.2-1.4 is added to release of agent 4.2.x

How to install

To install the new Imunify360 version 4.2.5 beta

Please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

Introduction

Your web server's image processor could be malware hiding in plain sight.

I'm going to describe an interesting type of malware the Malware Intelligence Team recently uncovered during a recent research operation.

At the time of writing, there were 11,320 cases of it detected and neutralized on 265 websites across 183 servers.

It is a particularly ingenious and potentially destructive type of malware: it is designed to appear as a legitimate image processor, and can act as a backdoor to your web server.

A backdoor is malicious software that lets a hacker get back into your server even after you detect and remove their access credentials. When a hacker gets into your site, the first thing they do is upload a backdoor.

We are pleased to announce that the new updated ImunifyAV version 4.2.4 beta is now available.

Fixes

• DEF-8904: fixed upgrade_url for ImunifyAV

How to install

To install the new ImunifyAV version 4.2.4, please run the commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.shbash imav-deploy.sh --beta

To upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:

yum update imunify-antivirus --enablerepo=imunify360-testing

We are pleased to announce that the new updated Imunify360 version 4.2.4 beta is now available.

Fixes

• DEF-8777: fixed an issue when two admin contacts modal dialogs appear at once right after EULA is accepted

Tasks

• DEF-8919: OSSEC 3.1.0-30 beta release
• DEF-8922: the new package of Proactive Defense 4.2.2-1.2 is added to the release of agent 4.2.x

How to install

To install the new Imunify360 version 4.2.4 beta

Please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

In Imunify360 v4.2 beta, we introduced “Hooks”, a new way to handle asynchronous events coming from the Imunify agent. It works like a simple event handler. For example, you can create a script that will run when malware is detected (right after the on-demand or background scan is finished).

The script is put on the server and registered via the Imunify360 command-line interface. In the script, you can specify a set of actions based on the scanning report received from Imunify360: for example, suspend a user account infected with malware, send out an email notification, or submit a ticket for the client. Hooks are just executables, so they can be written in any language (bash, php, python, etc.).

We’ve had a lot of questions regarding the practical use of hooks. So, we’ve created this article to show you an example of a hook that runs when malware is detected, and suspends the cPanel user account when the number of infected files exceeds three.

Here are the steps to create the hook:

1. Create a file (e.g. /root/hooks/hook.php) with the following content:

We are pleased to announce that the new updated ImunifyAV version 4.2.3 beta is now available.

Fixes

• DEF-8635: there are imunify-service INFO messages in syslog
• DEF-8768: TypeError: Can't convert 'bytes' object to str implicitly

Tasks

• DEF-8838: AI-BOLIT4.0.2-1 is added to the release of agent 4.2.x

How to install

To install the new ImunifyAV version 4.2.3, please run the commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.shbash imav-deploy.sh --beta

To upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:

yum update imunify-antivirus --enablerepo=imunify360-testing

We are pleased to announce that the new updated Imunify360 version 4.2.3 beta is now available.

Fixes

• DEF-7932: don't block IPs that are already manually added to the BLACK, GRAY, or WHITE list
• DEF-8635: there are imunify-service INFO messages in syslog
• DEF-8761: AttributeError: 'NoneType' object has no attribute 'groups'
• DEF-8768: TypeError: Can't convert 'bytes' object to str implicitly

Tasks

• DEF-8836: the new package of Proactive Defense 4.2.0-1.20 is added to the release of agent 4.2.x
• DEF-8838: AI-BOLIT4.0.2-1 is added to the release of agent 4.2.x
• DEF-8845: bumped WebShield version to 1.7-12 for Imunify360 v. 4.2 and master
• DEF-8848: added OSSEC 3.1.0-29 to the dependencies

How to install

To install the new Imunify360 version 4.2.3 beta

Please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

There’s a dangerous new malware affecting Linux and IoT devices known as HiddenWasp. In this article, I’ll dissect it to show you how it works and how you can stop it infecting your Linux server or IoT device.

We are pleased to announce that the new updated ImunifyAV version 4.2.2 beta is now available.

Fixes

• [DEF–8687] - imunifyAV is scanning php session files too
• [DEF–8731] - ImunifyAV service in cPanel service manager should be updated
• [DEF–8757] - Sentry tags are missing

How to install

To install the new ImunifyAV version 4.2.2, please run the commands:

wget https://repo.imunify360.cloudlinux.com/defence360/imav-deploy.shbash imav-deploy.sh --beta

To upgrade ImunifyAV on CentOS/CloudLinux systems, run the command:

yum update imunify-antivirus --enablerepo=imunify360-testing

We are pleased to announce that the new updated Imunify360 version 4.2.2 beta is now available.

Fixes

• [DEF–8687] - Imunify360 is scanning php session files too
• [DEF–8731] - Imunify360 service in cPanel service manager should be updated
• [DEF–8757] - Sentry tags are missing

How to install

To install the new Imunify360 version 4.2.2 beta

Please follow the instructions in the documentation.

To upgrade Imunify360 on CentOS/CloudLinux systems

Run the command:

We no longer use ClamAV for malicious files detection, and keep it as a part of Imunify360 only for detecting suspicious files. Starting from Imunify360 v4.3, we're removing it completely.Given that it may consume lots of resources while running on some configurations, you may want to disable it in Imunify360 prior to v4.3 release. Here are brief instructions for how to do that in v4.2.To disable ClamAV you need to set an empty value for the 'clamav_binary' option in /etc/sysconfig/imunify360/imunify360.config (default is /usr/bin/clamscan):MALWARE_SCANNING: clamav_binary: That's it. If you have any questions or need further assistance, please get in touch.