A SQL injection vulnerability has been identified in all versions of Mambo prior to 4.6RC1 in the weblinks.php file and all versions of Joomla prior to 1.0.10. We recommend you patch this as soon as possible.
Click here for the SANS diary entry
Click here for the Mambo security patch
Click here for the Joomla security patch
Do not click on one of the links in this latest spam/phish/trojan:
People starting panic withdrawals, some of the accounts were reported closed due to technical reasons, many ATMs are not operating. Does it seem that one of the Australia’s greatest goes bankrupt?
The full story could be found here: http://www.{deleted}.com/news.php
For more information on this latest attempt to break your PC, see http://isc.sans.org/diary.php?storyid=1417.
Webmail been upgraded with six new features.
1. Users accessing webmail for the very first time will be prompted for the name and email address that should appear in the From: field of outgoing email messages.
2. Users may now compose HTML emails within webmail.
3. Webmail will now display full HTML emails, and optionally make this the default view.
4. Winmail.dat attachments generated by Microsoft Outlook and Outlook Express can now be viewed within webmail.
5. Spell checking has been upgraded and is now more accurate and more intuitive.
6. The login screen now provides space for a full email address in the login field.
The rebrandability of the webmail interface is unaffected by today’s upgrade.
If you have questions or comments about Ilisys webmail, contact Technical Support (support@ilisys.com.au or 1800 995 645)
If you identify a fault with the Ilisys service or network, you may contact Ilisys Platform staff at any time during the day or night.
Call our Faults and Emergency service on 1800 795 645. The operator will take details of your domain and fault and pass these to an on-call member of our Platform team. Any Ilisys fault will be escalated and addressed as a priority.
There is no charge for reporting a fault in the service that Ilisys provides. A $60 call-out fee will apply if the issue involves user error, a fault with the configuration of an email address, database or website, or a failure outside of the Ilisys network.
Ilisys Technical Support is available to help you with these latter issues at no charge during our extended opening hours.
In the event that a fault or emergency affects any aspect of the Ilisys service, a notice will be posted to the Ilisys System Status page, at http://status.ilisys.com.au.
Updates will be posted to this site regularly and it will represent the most effective way to track developing situations.
For the most timely updates, you may like to subscribe to an RSS feed of the Ilisys System Status page - available at feed://status.ilisys.com.au/nfblog/feed.
The information in this post is replicated on the Ilisys website at http://ilisys.com.au/explore/ilisys/reporting-faults.
Please contact Technical Support (support@ilisys.com.au or 1800 995 645) if you have any questions about these reporting and monitoring processes.
Please be advised that Ilisys has altered the way that email addresses and email accounts are managed.
BENEFITS
A. You may now configure unlimited accounts. The only threshold that will apply is your data storage allocation.
B. Changes you make to your email configuration will be provisioned instantly.
C. You may login to your email using an actual email address.
SUMMARY
The short version is that you need do nothing, until such time as you need to make changes to the configuration of an email account. Changing your email password would be an example of such a change.
At that time, you (or your email user) will be notified that they have five days in which to update their login details in your email program.
DETAILED EXPLANATION
These changes stem from a need to speed up the fulfilment of changes that users make to the configuration of their mailboxes.
Password and aliasing changes will now be actioned instantly, as will the provisioning of new mail accounts.
Email users will also be able to login to their mailboxes using an actual email address, rather than an arbitrary username assigned by the system.
These changes will also allow email users to create unlimited email accounts.
A necessary part of this new service offering is a gradual migration from our current format (cust1 for example) to one in which your customers will be able to sign into their email accounts using their email addresses.
Your new email users will be able to access POP/IMAP and webmail with this new style of username immediately. However existing user accounts will only work until that particular account is next modified.
These existing mail account holders will be required to migrate their usernames to the new format within five days of modifying an account. After five days, the old username will become inactive.
We acknowledge that the person modifying an email account may not necessarily be the account user, and so an explanatory email will automatically be sent to the email account in the event that their email username will change.
This automated email will advise the account user of their new login details and explain that they have five days in which to make the necessary changes. At the bottom of this message you will find a sample of the explanatory email that our systems will send to your clients on your behalf.
SAMPLE NOTIFICATION MESSAGE
To: john.smith@your-domain.com.au
From: do-not-reply@your-domain.com.au
Subject: New login details for this email account (custo1)
As a result of an email system upgrade, you must update the login details that you use in your email program.
At some point in the next five days, please change your email client username from custo1 to john.smith@your-domain.com.au.
In five days time, your old username (custo1) will become inactive.
New username - john.smith@your-domain.com.au
Same password - xsDlJ23y7
Regards,
Ilisys Web Hosting
We now offer GeoTrust QuickSSL Premium secure certificates for $299, including dedicated IP address and installation. The new GeoTrust certificates are $200 cheaper than new Thawte certificates and $100 cheaper than Thawte renewals.
We now offer the facility to fully rebrand the Ilisys Toolkit with your own header and footer. Rather than accessing https://toolkit.ilisys.com.au, your customers will visit https://toolkit.your-domain.com.au.
Since the Toolkit uses SSL to encrypt sensitive customer data, you must purchase a secure certificate in order to take advantage of this facility. GeoTrust QuickSSL Premium certificates are available for $299, including IP address and installation.
Users accessing re-branded Toolkits will no longer see the option to login as Account Managers.
Now, users will simply be asked to login with their domain name and password. This update has been made to prevent user confusion. Note that you may still login as Account Manager by entering your Account Manager email address and password.
You may now configure your own default page that will display when you have not yet uploaded data to a newly activated hosting package.
This feature is available within your Toolkit, when you login as an Account Manager.
Are you thinking about setting up an online shop? Or are you an existing osCommerce users looking for more? At Ilisys Web Hosting we are making changes to improve osCommerce.
Firstly the PayPal payment module has been updated to allow Australian currencies as well as the standard US, Japanese, Candian, Europian and Great Britian currencies.
Secondly the AusPOST contribution that allows the automatic calculating of shipping costs, has updated to also include a debugging option. When enabled the debug option allows users to generate a more specific error message. To use the option go into the admin section of your osCommerce shopping cart, browse to the following section, Modules > Shipping then select the specific shipping module, click the edit button and change the Enabled Debugging option to True. Now when you go to the shipping step in the checkout, it will display the error message from the shipping calculator.
Due to the current volume of osCommerce run sites on our network, we are unable to upgrade of the sites by default. However if you would like access to these additions, simply email support@ilisys.com.au or call our friendly staff on 1800 999 645.
