*Curtis G and I
Me and Curtis G are releasing 0 day vun for whmcs friday
*Curtis G and I
Me and Curtis G are releasing 0 day vun for whmcs friday
Grammar is for the sheeple in meatspaceDude they are hackers. They can hack Engwish too.
I think they did that ?let SolusVM and WHMCS know of the exploits BEFORE releasing them. Once you've informed the companies about the exploits and they've had a reasonable amount of time to respond, THEN you can release the code.
Chairman Mao is on fire! So true. Better coders and less PR spin.fire a few PR spin doctors and hire better coders. After all, they are not a political party, just a company which has to deliver a product
@peterw yeah, I imagine it is. Imagine how exciting it will be when you will have to pay $30 for the lowest end VPS and close to a $100 to get something decent, like it was just a few short years ago. Then you'll miss this "crappy monoculture" that you like so much to laugh at!What a show! First SolusVM and now Hostbill and WHMCS. It's exciting to see how vulnerable a monoculture is.
[SIZE=small]This is a further status update to the recent security breach that ChicagoVPS has experienced. We have successfully restored some nodes, and the vast majority of our VPS customers are online, however we have a small percentage of nodes which still need to be worked on. Some of the nodes we are working on had data loss that we cannot restore. These nodes are LA18, ATL1, ATL4, ATL5. I you on are on one of these nodes you can safely start to rebuild, or open a ticket asking for this months refund.
On a positive note, it seems like SolusVM has released a new update in light of the recent incidents ( [/SIZE][SIZE=small]http://blog.soluslabs.com/2013/06/19/security-updates-available-for-all-solusvm-versions/[/SIZE][SIZE=small] ). However, at this time we do not feel comfortable enabling SolusVM access at this minute as we were a victim of their security vulnerabilities two times in the past 7 months. We are evaluating other alternative panels, but at the moment our priority is taking care of our customers and getting the impacted nodes back in working order.
Please understand that we have all hands on deck working tirelessly to restore service connectivity for those impacted. Therefore, our ticket response times are affected to allow us to effectively work without anything slowing us down. We apologize for the delayed ticket response times but we assure you we are making progress and working hard to get everything back to normal.
Our goal is to have everything 100% restored tomorrow. Those affected by this incident will recieve compensation.
Regards,
ChicagoVPS Team[/SIZE]
I am pissed off. Someone is trying to destroy the whole SolusVM based economy. I am seeing it but I can't believe it. If the Hostbill and WHMCS 0day exploits are true it is just the beginning.@peterw yeah, I imagine it is. Imagine how exciting it will be when you will have to pay $30 for the lowest end VPS and close to a $100 to get something decent, like it was just a few short years ago. Then you'll miss this "crappy monoculture" that you like so much to laugh at!
@peterw As long as providers take steps to secure them, they will be fine. There are plenty of simple solutions to prevent SQL injections and such, and on top of that providers can use CloudFlare as a reverse proxy (it's running Nginx as well). So no, the entire industry won't come crashing down.I am using this monoculture too. Nothing to laugh at!
I won't ask where and node you are on. But like the last hack and fail at CVPS, they lost customer VPSes.Just got this email update from ChicagoVPS. My question is don't we need access to the SolusVM to initiate a reimage of our server is everything is lost?
How long have you been down for?My Customers threat with lawsuit.
ChicagoVPS cant answer the tickets.
When system up and running ?
I need net time for system up and running!
From their reports, the lost data on [SIZE=small]LA18, ATL1, ATL4 and ATL5[/SIZE] is gone ... irrecoverable. If your No. 1 and No. 4 VPS are on any of these .. they're a goner.30 hr ago system shutdowned
I have 4 VPS
1) Atlanta Location (Important Data)
2) Chicago1 (Important Data)
3) Chicago2 (Low Important)
4) LosAngeles (Low Important)
Your customers do not have backups? You do not have backups of services you offer?My Customers threat with lawsuit.
ChicagoVPS cant answer the tickets.
When system up and running ?
I need net time for system up and running!
No they did not and if they did then you have made promises you cannot keep that is your fault and your responsibility alone, you are no more important than any other customer of CVPS, it will be done when it is done, I have no doubt they are working hard to bring things up opening tickets and updating forums is only distracting them.My Customers threat with lawsuit.