New NextCry Ransomware Encrypts Data on NextCloud Linux Servers. NextCloud is confident that the attacker is exploiting the PHP -FPM vulnerability.
Thanks for the heads up.
I checked my NextCloud instance and there was an update waiting for me so I took care of that. I also checked my NGINX and that was already up-to-date.
Although I’ve seen nothing implying apache is involved…any reason this exploit wouldn’t effect these servers. Php-fm module is used in both instances
The flaw is only in the nginx version and there is a patch for it.