Vulnerable ownCloud/Nextcloud based private cloud servers found in HK

Release Date: 8 Feb 2017 2669 Views

HKCERT has received reports from CERT-Bund, the federal CERT of Germany, about vulnerable installations of ownCloud and Nextcloud found in Hong Kong.

 

ownCloud and Nextcloud are both software suites for running self-hosted cloud instances for data synchronization and sharing, i.e. private cloud. Nextcloud GmbH has performed scans for installations of ownCloud and Nextcloud openly accessible from the Internet, and found that there are vulnerable or outdated installations which could lead to information leakage or the installation being taken control by criminals. They have provided the scan results to CERT-Bund, which has referred HKCERT the server information related to Hong Kong.

 

HKCERT has notified the ISP of the cloud owners, and urged the ISP to alert their clients timely. If you have received notification from your ISP, please take action immediately to secure your ownCloud or Nextcloud. We have also provided instructions on checking the scanning results in the email notification to ISP, and you can check the problems currently existing in your cloud installation in the result.

 

 

Further information of securing ownCloud and Nextcloud can be found here:

Share with

Previous

Favourite Security Reads of the Week (3 Feb 2017)

3 Feb 2017 1283 Views

Next

Advices on the security concerns of the PopVote System

9 Feb 2017 5798 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY