check

The recently discovered set of malicious actors (Spectre and Meltdown) which affect almost all the computing and mobile devices around the world, have created a buzz among the tech companies. As reported by Google Project Zero, Spectre and Meltdown vulnerabilities can be injected through the JavaScript code running in browser. It enables the attackers to read the system memory in CPUs including the ones from Intel, AMD, and ARM. Attackers can read sensitive information in the system like passwords, encryption keys, etc. It was also found that if any virtual machine (VM) is attacked, the physical memory of host machine too can be accessed. Further, the attacker can access the memory of all the VMs running on same host. Variants of attack: Variant 1: bounds check bypass Variant 2: branch target injection Variant 3: rogue data cache load As per the researchers, the Variant 1 and Variant 2 take place by mounting Spectre vulnerability, while Variant 3 by Meltdown. The Meltdown enables the…
Read more

Filed under Web Hosting News by on #

Amsterdam, the Netherlands – 3W Infra, a fast growing Infrastructure-as-a-Service hosting provider from Amsterdam with global operations and more than 4,000 dedicated servers under management, has attained the ISO/IEC 27001:2013 certification for Information Security Management together with Payment Card Industry Data Security Standard (PCI DSS) compliance. Validated by independent third-party IT audit company Noordbeek B.V., these certifications would help 3W Infra ensure that they have enterprise-grade controls in place to protect customer information and payment data while safeguarding business continuity.

IT audit company Noordbeek B.V. has checked and validated a variety of processes as well as management and operating controls within 3W Infra’s organization to be able to grant 3W Infra the two ‘enterprise-grade’ security certifications.


To ensure that customers’ information is secure with 3W Infra, Noordbeek has validated things like 3W Infra’s business continuity, the documentation of organizational processes, separation of duties, managing (strategic) suppliers, IT system management, human resources policies and procedures, physical security measures in the offices and data center environment, handling and embedding of organizational knowledge, security incident reporting, and more.

3W Infra has received the ISO/IEC 27001:2013 and PCI-DSS certifications from Noordbeek IT Audit, Compliance & Advisory now and is able to send the third-party attestations to customers on their request.

“We see quite some service providers in the worldwide hosting industry eager to serve enterprises and other customers with high demands and mission-critical operations, but we don’t see many of them achieving accreditations like ISO/IEC 27001:2013 and PCI-DSS, especially not the relatively smaller hosting providers,” said Roy Premchand, Managing Director of 3W Infra. “We know it’s not cheap to have these ISO/IEC 27001 and PCI-DSS quality guarantees embedded in your organization, but we think it’s a good step towards GDPR compliance and a big plus for our mission-critical customers who already entrust their IT infrastructure to 3W Infra – among them international companies within gaming as well as cloud services providers with global operations. Besides that, we expect these enterprise level accreditations to bring great value on a global level while attracting new types of customers from around the world within for example healthcare, finance, and government.”

SSAE 16 Certification

On top of the ISO/IEC 27001:2013 and PCI-DSS certifications achieved, 3W Infra is targeting expansion of accreditations embedded in the organization with an SSAE 16 certification in the future. While PCI-DSS is focused specifically on the data security of credit card information stored in a facility, SSAE 16 is more generally focused on the services operating environment and the internal controls of 3W Infra as a service provider.

“Although we’re a pure-play IaaS hosting provider, not a data provider, we do deliver managed engineering services through our Remote Hands solution to data services providers who store and process financial information,” added Mr. Premchand. “Our Data Center Neutral Remote Hands Service on the world’s main Internet hubs in Frankfurt, Amsterdam and London, thus may require us to go for this SSAE 16 accreditation as well. Especially because the clients for this Remote Hands engineering service come from all over the world. Most of them are not in the position to drop by in the data center to check data processes and handling themselves. The 3W Infra engineering teams are an extension of their own organization so to say, and SSAE 16 would provide them an end-to-end data security guarantee.”

About ISO/IEC 27001 and PCI-DSS

ISO/IEC 27001:2013 is a worldwide-recognized information security management standard which would ensure that an organization can apply a framework to business processes to help identify, manage and reduce risks to information security. The standard does not only consider IT but all business operations of an organization.

The PCI-DSS (Payment Card Industry Data Security) standard is a proprietary standard for all organizations that process, transmit, or store payment cardholder data. The standard is providing a framework with technologies and practices that would need to be adhered to in order to protect and secure the cardholder data.

About 3W Infra
Founded in 2014 by some Internet and hosting industry veterans, 3W Infra is a global Infrastructure-as-a-Service (IaaS) hosting provider with great engineering knowledge and skills headquartered in Amsterdam, the Netherlands. The company’s enterprise-grade, ISO/IEC 27001:2013 and PCI-DSS certified hosting solutions are tailored to the specific needs of each customer. 3W Infra’s infrastructural solutions are engineered for scalability and cost-efficiency, with cloud-enabling services including colocation, dedicated servers, IP Transit, and high-level customer support. These solutions come with 3W Infra’s Remote Hands including Relocation engineering services at the world’s main Internet hubs in Amsterdam, Frankfurt and London.

As a fast-growing company aiming for sustainable growth, 3W Infra serves a dynamic array of different customer types with a variety of needs. The company’s flagship data center in Amsterdam features one of the lowest calculated pPUEs in the industry (1,04), which is highly energy-efficient. 3W Infra has a significant amount of colocation customers and more than 4,000 dedicated servers under management, while its global network now exceeds 160 Gigabit/sec (Gbps) of available bandwidth. 3W Infra’s customer base includes some of the largest Internet, gaming, broadcasting and cloud services companies in Europe and beyond.

To learn more about 3W Infra, visit: www.3winfra.com

About Noordbeek IT Audit, Compliance & Advisory
Noordbeek B.V. was founded in 2006 by Prof. Dr. Ir. Ronald Paans, Professor of Postgraduate IT Audit training at the VU University in Amsterdam. Noordbeek is an IT audit and consulting firm specializing in certification programs and handling of complex IT-related issues. Offerings range from certifications in the field of PCI DSS, ISO 27001, ISAE 3402, COBIT 5.0 to consultancy projects such as improving the connection of IT to business processes and making the cooperation between service provider and customer more effective.

Read more

Filed under Web Hosting News by on #

LOS ANGELES, CA – DreamHost®, a leader in web hosting and cloud services for WordPress users worldwide, today announced that select users of its managed WordPress service, DreamPress, will be able to receive the advanced benefits of Automattic’s Jetpack at no extra charge. In a bold move to gain the adoration of its users and the ire of its competitors, DreamHost has announced that DreamPress Plus and DreamPress Advanced users will now receive access to Jetpack Professional, a $299/year value, at no extra charge.

DreamPress users have long enjoyed Automattic’s Jetpack plugin for the additional functionality it enables within WordPress. Among its many features, Jetpack’s free option includes an image CDN, in-depth website statistics, downtime monitoring, and a buttload of other enhancements. Jetpack Professional adds a video CDN with no bandwidth restrictions, comprehensive spam protection, daily backups powered by VaultPress, automated and on-demand malware scans, access to over 200 high-quality premium themes, advanced SEO tools, and priority access to WordPress experts at Automattic.


DreamPress Basic users will continue to receive access to Jetpack’s free offering, while DreamPress Plus and DreamPress Advanced users both receive immediate access to Jetpack Professional, the most comprehensive Jetpack offering available.

“This here? This is a Professional Jetpack,” explained John Robison, DreamHost’s Director of Product, Managed WordPress. Standing alongside a row of gleaming silver jetpacks in a cavernous showroom he continued: “The Premium Jetpacks? They’re good, too. Good for lots of folks. But our customers…they deserve the best. And this is the best. Professional’s got over 200 premium themes, deep Google Analytics integration, and SEO tools like you’ve never seen. Check this out.” Robison pushed a button on his belt and immediately launched himself, and his WordPress website, through the roof of the showroom.

After several minutes of awkward silence, Robison stumbled through the front door of the building, bloody and bruised. His Jetpack, however, remained free of blemishes, gleaming and pristine as the day it rolled off the assembly line. “Wrong button,” Robison offered sheepishly. “But you can see the kind of power this thing’s got, right? Good stuff.”

Jetpack Professional is immediately available to all DreamPress Plus and Advanced users, both current and new. New customers need only opt-in to Jetpack Professional from within their DreamHost control panel to begin receiving the benefits of a powerful, supercharged WordPress experience at DreamHost.

About DreamHost
Since 1997 DreamHost has helped individuals, small businesses, and developers the world over share and own their digital content on the web. From domain registrations to web hosting and even powerful cloud storage and computing services, more than 400,000 customers trust DreamHost to be their online home. Focused on WordPress and packed with unbelievable value, DreamHost is the best place to launch a blog, website, or web application into the stratosphere. Learn more at www.DreamHost.com.

Read more

Filed under Web Hosting News by on #

GitHub – one of the largest development platforms, launched a new security feature that has the capability to search project dependencies in JavaScript and Ruby, and alert project owners on finding any known vulnerability. Earlier in mid-October, GitHub had introduced a Dependency Graph section in the Project’s Insights tab that show a tree-like structure of all the loaded libraries. The new feature is the next step to improve the overall experience of managing and running projects in GitHub. As soon as a new vulnerability is detected, the user will get notified along with the known fixes to the issue. This feature is a major step towards ensuring code’s security in the projects running on GitHub. With GitHub now hosting nearly 67 million of repositories and projects that rely on software libraries and software packages that do not get updated frequently, security is major concern. Developers can keep a check on the security alerts that can be accessed under Insights tab of any…
Read more

Filed under Web Hosting News by on #

(Bloomberg) — A major shipping company is under attack. With help from a corrupt executive, an international hacking syndicate called Scorpius, has penetrated the computer networks of Fast Freight Ltd. The hackers have taken control of servers and compromised the systems that control Fast Freight's vessels and its portside machinery. The company's cybersecurity consultants have 48 hours to uncover the breach and repulse the attackers before they cripple Fast Freight's business and cause serious economic damage.
It sounds like the plot to a blockbuster thriller. But this was the fictional scenario 42 budding computer security experts faced at the annual U.K. Cyber Security Challenge competition earlier this week in London. With demand for cybersecurity expertise exploding, but qualified people in short supply, war-gaming competitions like this have become key recruiting grounds for companies and government security agencies.
"We want to find untapped talent to fill roles in our own operation and in the industry as a whole," said Rob Partridge, BT Group Plc's head of commercial development for penetration testing. BT is one of a half-dozen companies, including Airbus SE, Cisco Systems Inc. and smaller, specialist cybersecurity firms Darktrace Ltd. and Check Point Software Technologies Ltd., that sponsored this year's Challenge competition. The U.K.'s National Crime Agency, the Bank of England and law firm 4 Pump Court also supported
Read more

Filed under Web Hosting News by on #

PALO ALTO, CA – Jelastic, the advanced PaaS that simplifies complex cloud deployments and in use by more than 55 hosting providers worldwide, today announced an enhanced module for WHMCS billing integration.

“With every update, we keep making the platform functionality more reachable for the service providers – from newbies at the market to the established companies – who target SMBs and aim to offer their users a product of high quality,” comments Ruslan Synytsky, Jelastic CEO and co-founder.


The extension is now available in the WHMCS and ModulesGarden Marketplaces for free download. It allows service providers easily get Jelastic PaaS with full integration to WHMCS billing system. The already existing customers of WHMCS can initiate the installation right from the WHMCS admin panel. For newcomers this package is available for ordering at the marketplace.

With Jelastic, hosting service providers have an opportunity to grow their business by offering their users a new product that will meet their DevOps needs: managed PaaS with support of Java, PHP, Node.JS, Ruby, Python and .NET and Docker-based applications; automatic creation, scaling, clustering and security updates of microservices or monoliths; rich interface for managing cloud deployments, in addition to CLI and SSH access; auto-scalable Elastic VPS; installation of 100+ applications in one click; and many other solutions.

“Hosting providers with WHMCS accounts now can easily extend their offerings with Jelastic PaaS functionality in order to grow their businesses. Deeper integration simplifies entry point and makes the billing process smooth for both sides – service providers and end customer,” said Matt Pugh, CEO of WHMCS

In conjunction with the updated module release, Jelastic is offering a limited-time 20% discount during the first year for the preconfigured package of:

  • Jelastic PaaS license with 24/7 support
  • Physical servers located in the USA, Europe or APAC
  • Built-in integration with WHMCS billing system
  • No installation fee

The discount can be even larger with pre-payment of a 6- or 12-month package. This offer is available until the 31th of December. Follow this link to check available package configurations: https://store.jelastic.com/cart.php and use the code JELASTICPROMO1 while ordering to get the solution upon the favorable terms.

“Jelastic PaaS For WHMCS is a must-have solution for all web hosting providers who aim heights and are determined to find the unique X-Factor for their business. With its help, offering a perfect combination of seamless billing and remote management of cloud environment, all based on a truly innovative model, is now within reach. ModulesGarden is proud to be actively involved in the module’s continuous evolution and delighted to contribute to its success,” says Piotr Dolega, ModulesGarden CMO.

About Jelastic
Jelastic is a robust solution for the cloud market – hosting providers, enterprises and developers – combining the benefits of PaaS and CaaS in a single turnkey package. Its rich interface simplifies complex cloud deployments by automating the creation, scaling, clustering and security updates of microservices or monolithic applications. Jelastic has a unique pay-for usage-only pricing model and is available as public, private, hybrid and multi-cloud in more than 55 data centers worldwide. The platform provides support of Java, PHP, Ruby, Node.js, Python, .NET environments and custom Docker containers. More info is at https://jelastic.com

Read more

Filed under Web Hosting News by on #