...
On 9/8/2020, there were multiple attacks perpetrated on tdicinsurance.com, taking the site dowdown at least twice in a 24-hour period.
IT is investigating to determine partnered with 10 Lb to investigate the root cause; the information Catherine and I have received thus far points to a Telerik vulnerability , and logs point to outdated/unsupported DNN module vulnerabilities as the entry point.
It appears the site was hacked but there was no data dump. The top concern is malware and user vulnerabilities.
...
Chris will identify and create a list of all modules used on the TDIC site. In particular, Chris will be identifying the use of the PackFlash modules (TDIC uses multiple types of PackFlash modules). Due to the fact that 10 Lb recently worked through this issue with another client, they already have scripts written to help facilitate this process.
This week and weekend:
Mark and Chris will work through the audit of the modules to recommend which ones should be phased out or upgraded, which will give them a good idea of how long it will ultimately take to upgrade the site. Due to the severity of the situation they will be prioritizing this work and will work through the weekend so they can get us an estimate and timeline of next steps by Monday (or early next week, depending on the audit). They will keep us updated about their findings.
...