Overview of the Situation:
On 9/8/2020, there were multiple attacks perpetrated on tdicinsurance.com, taking the site dow
IT is investigating to determine the root cause; the information Catherine and I have received thus far points to a Telerik vulnerability as the entry point. It appears the site was hacked but there was no data dump. The top concern is malware and user vulnerabilities.
Assessment from 10 Lb:
TDIC is on a version of DNN that is right in the middle of many security vulnerabilities; 10 Lb said “right in the middle of the worst.” The top priority is upgrading the site to the most recent version of DNN.
The PackFlash module is a known security risk. 10 Lb recently helped another organization in a similar situation migrate content from PackFlash into a stable and secure module that works on current versions of DNN, and that is the other main priority. For reference: http://www.packflash.com/. PackFlash is currently used for TDIC’s menu, several list modules, and publications like Liability Lifeline and RM Matters.
Solution/Approach:
Set up a clean instance of TDIC from an older backup, with no content
Remove any problematic modules; upgrade those that can be upgraded
Export PackFlash content into Easy DNN News or other secure module
Upgrade DNN
When the site is upgraded/stable, import the content and assets
Next Steps:
Today (9/9):
Mark is contacting Geoff to get the oldest backup possible of the site and will create a new instance on his local machine
Chris will identify and create a list of all modules used on the TDIC site. In particular, Chris will be identifying the use of the PackFlash modules (TDIC uses multiple types of PackFlash modules).
This week and weekend:
Mark and Chris will work through the audit of the modules to recommend which ones should be phased out or upgraded. Due to the severity of the situation, they will be prioritizing this work and will work through the weekend so they can get us an estimate and timeline of next steps by Monday (or early next week, depending on the audit). They will keep us updated about their findings.