Connect with us
An issue in Microsoft Exchange has leaked hundreds of thousands An issue in Microsoft Exchange has leaked hundreds of thousands

Security

An issue in Microsoft Exchange has leaked hundreds of thousands of domain credentials

Published

on

The problem is in the protocol of the Microsoft Autodiscover feature of Microsoft Exchange mail servers.

Cybersecurity Researchers at Guardicore discovered error in the Microsoft Exchange mail server. The issue has resulted in the leaking of domain credentials and Windows applications around the world.

The problem lies in the protocol of the Microsoft Autodiscover feature of Microsoft Exchange mail servers, which allows mail clients to automatically discover mail servers, provide credentials, and then retrieve the correct configurations. The protocol is an important part of mail servers as it allows administrators to easily verify that clients are using the correct parameters for SMTP, IMAP, LDAP, WebDAV, and more.

But to get automatic settings, email clients usually check against a series of predefined URLs obtained from the domain of the user’s email address.

According to experts, the autodiscover mechanism uses a “rollback” procedure in case it does not find the Autodiscover endpoint of the Microsoft Exchange server on the first try. This “rollback” mechanism is the culprit in the data leak because it always tries to resolve a portion of the Autodiscover domain and will always try to “fail”. The next attempt to generate the Autodiscover URL will result in: autodiscover.com/autodiscover/autodiscover[.]xml. This means that the owner of autodiscover[.]com will receive all requests that cannot reach the original domain.

The specialists registered a series of top-level domains based on Autodiscover, which were still available on the Internet around the world. Between April 16, 2021 and August 25, 2021, these servers received hundreds of requests with thousands of credentials from users who tried to configure their email clients, but the email clients were unable to find a suitable Autodiscover endpoint.

The problem with a lot of requests was that there was no attempt on the client side to check if the resource is available or even if it exists on the server before sending the authenticated request.

In total, Guardicore received 372,072 credentials for Windows domains and 96,671 unique login / password from various applications such as Microsoft Outlook. The credentials belonged to food manufacturers, investment banks, power plants, real estate companies, logistics companies, as well as public companies in the Chinese market.

Click to comment

Leave a Reply

Your email address will not be published.

Security

17-year-old hacker who allegedly leaked GTA 6 gameplay videos online arrested in UK

Published

on

17 year old hacker who allegedly leaked GTA 6 gameplay videos online

London police today announced the capture of a 17-year-old teenager suspected of cybercrime in Oxfordshire. At the moment, it is only reported that the arrested person is in custody.

17-year-old hacker who allegedly leaked GTA 6 gameplay videos online arrested in UK

The police declined to say what caused the arrest, but a number of facts indicate that this particular teenager, associated with the Lapsus$ hacker group, previously hacked into Uber, and recently posted screenshots and videos of GTA 6 gameplay on the Web.

In March, Bloomberg wrote that the person believed to be behind several major network hacks was a 16-year-old teenager whose home is in Oxfordshire. Uber wrote on its blog after the hack: “We believe this attacker (or attackers) is associated with a hacker group called Lapsus$, which is becoming more and more active.” A hacker who posted a GTA 6 video online claimed responsibility for the attack on Uber in forum posts.

Recall, yesterday it became known that the FBI joined the investigation into the hacking of Uber and the publication of GTA 6 materials online.

Continue Reading

Gaming

The security specialist was able to “hack” the PS5 through the same vulnerability that he used to jailbreak the PS4

Published

on

The security specialist was able to hack the PS5 through

Security specialist Andy Nguyen was able to bypass the protection of the PS5 game console and “hack” it using an old vulnerability that he also used on the PS4. It concerns the features of the exFAT file system in Sony’s implementation. In 2020, Nguyen managed to jailbreak his PS4 using the same vulnerability. As a result, the specialist received full access to the system core.

The security specialist was able to

The researcher suggested that during the transition from FreeBSD9 to FreeBSD11, the patch that closed the vulnerability somehow stopped working or was removed during the upgrade. The specialist has already reported the vulnerability to the company, which paid him $10,000. The same amount Nguyen received for the same vulnerability on PS4.

The PlayStation hack allows the user to install emulators of other consoles, play pirated versions of games, and also unlock some features that are not normally available to users.

At the same time, Nguyen explained that the error he discovered was just one of a chain of errors required for a full PlayStation 5 jailbreak. To date, the newest console has not been hacked.

Continue Reading

Phones

Only pin code, only hardcore. Locking a smartphone with a fingerprint reduces its security, says Group-IB digital forensics specialist

Published

on

Only pin code only hardcore Locking a smartphone with a

Group-IB digital forensics specialist Igor Mikhailov told the Prime agency why you should not use a fingerprint on your phone.

According to him, locking a smartphone with a fingerprint reduces its security, as the fingerprint can be copied. In addition, it is possible to unlock the gadget with someone else’s fingerprints, especially on devices with an old sensor.

Only pin code, only hardcore.  Locking a smartphone with a fingerprint reduces its security, says Group-IB digital forensics specialist

The most secure way to unlock a smartphone, according to Mikhailov, is to use complex passwords. He advised to turn off the fingerprint login and leave only the pin code.

As for unlocking a smartphone by face, Apple’s Face ID system is the most reliable, but even its enthusiasts managed to deceive with photos and masks of the owners.

Continue Reading

Most Popular