Archive for tag: security

New remote exploit vulnerability discovered in bash

We don't regularly post about security issues here (because, frankly, we'd be doing it all day), but every now and then there's a Big One that makes everyone sit up and take notice.

Last week, a vulnerability in the Bourne Again Shell - more colloquially known as Bash - was announced. Bash is widely deployed in most Linux-based operating systems (and can be found on Windows in cygwin).

The exploit - initially tagged CVE-2014-6271 but now widely known as 'shellshock' - allows remote attackers to execute arbitrary code via a crafted environment.

Since the initial bug was discovered, many more eyes have been on the Bash source code, resulting in several other updates. At the time of writing, another seemingly significant new exploit has been discovered (CVE-2014-6278 has been reserved).

We're not going to go into too much detail about the issue - it has been covered very extensively elsewhere, and we encourage users interested in more details to read up on the technical roots.

This is a significant vulnerability and we advise all customers to update Bash immediately, and to continue to closely monitor any advisories relating to Bash in the coming weeks.
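To confirm that the update actually landed on a host, the usual approach is a local self-test: export a function definition through the environment with a trailing command appended, and see whether the bash on the box executes that trailing command (the CVE-2014-6271 behaviour) or ignores it. The script below is an added example written for this archive, not code from the original post; it assumes nothing beyond a POSIX sh and an optional path to the bash binary you want to check, and it only ever runs against that local binary.

```shell
#!/bin/sh
# Added example: local Shellshock (CVE-2014-6271) self-test for the bash on this host.
# It is not the original post's code and only inspects the binary it is pointed at.

# shellshock_check [path-to-bash]
# Returns 0 if bash ignores code appended to an environment function definition
# (patched), 1 if it executes it (vulnerable), 2 if the binary is not found.
shellshock_check() {
    bash_bin=${1:-bash}
    command -v "$bash_bin" >/dev/null 2>&1 || return 2

    # A patched bash prints only "test"; an unpatched one also prints the
    # marker "vulnerable" because it runs the text after the function body.
    # Constructed marker value; it performs no action other than an echo.
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo test' 2>/dev/null)
    case "$out" in
        *vulnerable*) return 1 ;;
        *)            return 0 ;;
    esac
}

# shellshock_report [path-to-bash]
# Prints a one-line verdict for the given (or default) bash binary.
shellshock_report() {
    rc=0
    shellshock_check "$@" || rc=$?
    case "$rc" in
        0) echo "bash: patched (trailing code in environment function ignored)" ;;
        1) echo "bash: VULNERABLE to CVE-2014-6271 - update bash now" ;;
        *) echo "bash: not found" ;;
    esac
}

# Usage: ./shellshock_check.sh [/path/to/bash]
# Example of the expected verdict on an updated host:
#   bash: patched (trailing code in environment function ignored)
shellshock_report "$@"
```

The check deliberately tests the installed binary rather than comparing version strings, because distributions shipped the fix as a patch on top of existing bash versions; a version number alone tells you nothing about whether the package was rebuilt. Re-run it after every bash update while the follow-up CVEs mentioned above are still being worked through.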

Heartbleed: OpenSSL Vulnerability Puts Servers At Risk

A new vulnerability in the OpenSSL cryptographic software library was revealed yesterday. It has quickly gathered worldwide attention as an extremely serious problem as it can allow remote access to critical information on servers.

The vulnerability - nicknamed "Heartbleed" - can allow anyone on the Internet to directly access the memory of systems that are using the vulnerable version of the OpenSSL library.

Heartbleed has been assigned CVE-2014-0160. We encourage our customers to check their VPSs to ensure that their OpenSSL has been updated.

Some good references on the subject include:

- http://heartbleed.com/ - a great summary of the issue, including background, details of affected versions, and more information about what is exposed.

- Attack of the week: OpenSSL Heartbleed - a more technical overview of the issue, including analysis of the vulnerable code, as well as some testing tools to check if your server is vulnerable.
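A quick way to triage a VPS is to compare the installed OpenSSL version against the upstream releases that contain the bug (1.0.1 through 1.0.1f, and 1.0.2-beta1; 1.0.0 and 0.9.8 never had the heartbeat code). The script below is an added example for this archive, not code from the original post or from the OpenSSL project. It assumes a POSIX sh with awk, and on real hosts it uses rpm or the Debian changelog file to look for the CVE id, because distributions backport fixes without changing the version string, so a version match means "check the package changelog", not "confirmed exposed".

```shell
#!/bin/sh
# Added example: classify an OpenSSL version against the Heartbleed-affected
# releases and, where possible, confirm the fix via the package changelog.
# Not the original post's code; version ranges are the upstream advisory's.

# openssl_version_string "<output of openssl version>"
# Extracts the version token, e.g. "OpenSSL 1.0.1e 11 Feb 2013" -> "1.0.1e".
openssl_version_string() {
    printf '%s\n' "$1" | awk '{print $2}'
}

# heartbleed_version_check <version>
# Returns 1 if the upstream version is in the affected range, 0 otherwise.
# 1.0.1 .. 1.0.1f and 1.0.2-beta1 are affected; 1.0.1g and 1.0.2-beta2 fixed it.
heartbleed_version_check() {
    case "$1" in
        1.0.1|1.0.1[a-f]|1.0.1[a-f]-*|1.0.2-beta1) return 1 ;;
        *)                                         return 0 ;;
    esac
}

# heartbleed_changelog_check
# Returns 0 if the installed package's changelog mentions CVE-2014-0160
# (i.e. the distribution backported the fix), 1 if it does not, 2 if neither
# rpm nor the Debian changelog file is available to consult.
heartbleed_changelog_check() {
    if command -v rpm >/dev/null 2>&1 && rpm -q openssl >/dev/null 2>&1; then
        rpm -q --changelog openssl | grep -q 'CVE-2014-0160' && return 0
        return 1
    fi
    deb_log=/usr/share/doc/libssl1.0.0/changelog.Debian.gz
    if [ -r "$deb_log" ]; then
        zcat "$deb_log" | grep -q 'CVE-2014-0160' && return 0
        return 1
    fi
    return 2
}

# heartbleed_report
# Prints a verdict for the openssl binary on PATH.
heartbleed_report() {
    command -v openssl >/dev/null 2>&1 || { echo "openssl: not found"; return; }
    ver=$(openssl_version_string "$(openssl version)")
    if heartbleed_version_check "$ver"; then
        echo "openssl $ver: version not in the affected range"
        return
    fi
    rc=0
    heartbleed_changelog_check || rc=$?
    case "$rc" in
        0) echo "openssl $ver: affected upstream version, but package changelog shows a CVE-2014-0160 backport" ;;
        1) echo "openssl $ver: affected version and no CVE-2014-0160 fix in package changelog - update now" ;;
        *) echo "openssl $ver: affected upstream version; confirm the fix with your package manager" ;;
    esac
}

# Usage: ./heartbleed_check.sh
heartbleed_report
```

Even when the library is updated, remember that the fix only stops further leakage: any process still linked against the old library keeps running vulnerable code until it is restarted, and keys or credentials that may already have been read out of memory need to be rotated.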
