The problem is in the protocol of the Microsoft Autodiscover feature of Microsoft Exchange mail servers.
Cybersecurity researchers at Guardicore discovered a design flaw in the Microsoft Exchange mail server. The issue has resulted in the leaking of Windows domain credentials and application credentials around the world.
The problem lies in the protocol of the Microsoft Autodiscover feature of Microsoft Exchange mail servers, which allows mail clients to automatically discover mail servers, provide credentials, and then retrieve the correct configuration. The protocol is an important part of mail server operations, as it lets administrators easily ensure that clients are using the correct parameters for SMTP, IMAP, LDAP, WebDAV, and more.
To obtain these settings automatically, email clients usually try a series of predefined URLs derived from the domain of the user’s email address.
According to the researchers, the Autodiscover mechanism uses a “rollback” (fallback) procedure when it does not find the Autodiscover endpoint of the Microsoft Exchange server on the first try. This “rollback” mechanism is the culprit in the data leak: each time a lookup fails it strips the leading part of the Autodiscover hostname and tries again, so the lookups “fail upward” out of the user’s own domain. For a user whose address ends in .com, the next attempt to generate the Autodiscover URL results in autodiscover.com/autodiscover/autodiscover[.]xml. This means that the owner of autodiscover[.]com receives every request that could not reach the original domain.
The researchers registered a series of Autodiscover domains under various top-level domains (autodiscover.<tld>) that were still available around the world. Between April 16, 2021 and August 25, 2021, these servers received hundreds of requests carrying thousands of credentials from users whose email clients were trying to configure themselves but could not find a suitable Autodiscover endpoint.
In many of these requests, the client made no attempt to check whether the resource was available, or even existed on the server, before sending the authenticated request.
In total, Guardicore received 372,072 credentials for Windows domains and 96,671 unique username/password pairs from various applications such as Microsoft Outlook. The credentials belonged to food manufacturers, investment banks, power plants, real estate companies, logistics companies, as well as publicly traded companies in the Chinese market.
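The back-off described above, modelled as an added example (this is not Microsoft’s, Guardicore’s or any mail client’s actual code): it generates the candidate Autodiscover URLs for an address and, as the client-side check the article says was missing, refuses to authenticate to any host outside the user’s own email domain. The address alice@example.com is a constructed sample.

```python
"""Model of the Autodiscover URL back-off and a domain-ownership guard.

Illustrative reconstruction of the behaviour described in the article,
not the real client or server code.
"""
from urllib.parse import urlparse

AUTODISCOVER_PATH = "/autodiscover/autodiscover.xml"


def candidate_urls(email: str) -> list[str]:
    """Return the Autodiscover URLs a client following the described
    back-off would try, in order, for the given address."""
    domain = email.rsplit("@", 1)[1].lower()
    urls = [
        f"https://{domain}{AUTODISCOVER_PATH}",
        f"https://autodiscover.{domain}{AUTODISCOVER_PATH}",
    ]
    # Back-off: peel labels off the front of the Autodiscover host until only
    # autodiscover.<tld> remains. That last hop leaves the user's own domain.
    labels = domain.split(".")
    for i in range(1, len(labels)):
        host = "autodiscover." + ".".join(labels[i:])
        urls.append(f"https://{host}{AUTODISCOVER_PATH}")
    return urls


def belongs_to_domain(url: str, email_domain: str) -> bool:
    """True only if the URL's host is the user's domain or a subdomain of it.
    The dot prefix prevents 'notexample.com' matching 'example.com'."""
    host = (urlparse(url).hostname or "").lower()
    d = email_domain.lower()
    return host == d or host.endswith("." + d)


def safe_candidates(email: str) -> tuple[list[str], list[str]]:
    """Split candidates into hosts a client may send credentials to and
    hosts it must not (the latter are the requests that leaked)."""
    domain = email.rsplit("@", 1)[1]
    allowed, blocked = [], []
    for url in candidate_urls(email):
        (allowed if belongs_to_domain(url, domain) else blocked).append(url)
    return allowed, blocked


if __name__ == "__main__":
    ok, leak = safe_candidates("alice@example.com")  # constructed sample
    print("allowed:", *ok, sep="\n  ")
    print("blocked:", *leak, sep="\n  ")
```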
17-year-old hacker who allegedly leaked GTA 6 gameplay videos online arrested in UK
London police today announced the arrest of a 17-year-old teenager suspected of cybercrime in Oxfordshire. At the moment, it is only reported that the arrested person is in custody.
The police declined to say what led to the arrest, but a number of facts suggest that this is the teenager associated with the Lapsus$ hacker group who previously hacked into Uber and recently posted screenshots and videos of GTA 6 gameplay on the Web.
In March, Bloomberg wrote that the person believed to be behind several major network hacks was a 16-year-old teenager whose home is in Oxfordshire. Uber wrote on its blog after the hack: “We believe this attacker (or attackers) is associated with a hacker group called Lapsus$, which is becoming more and more active.” A hacker who posted a GTA 6 video online claimed responsibility for the attack on Uber in forum posts.
Recall that yesterday it became known that the FBI had joined the investigation into the hacking of Uber and the publication of GTA 6 materials online.
A security specialist was able to “hack” the PS5 through the same vulnerability he used to jailbreak the PS4
Security specialist Andy Nguyen was able to bypass the protection of the PS5 game console and “hack” it using an old vulnerability that he had also used on the PS4. The vulnerability lies in Sony’s implementation of the exFAT file system. In 2020, Nguyen jailbroke his PS4 using the same vulnerability. As a result, the specialist gained full access to the system kernel.
The researcher suggested that during the transition from FreeBSD 9 to FreeBSD 11, the patch that closed the vulnerability somehow stopped working or was removed during the upgrade. The specialist has already reported the vulnerability to the company, which paid him $10,000. Nguyen received the same amount for the same vulnerability on the PS4.
A PlayStation hack allows the user to install emulators of other consoles, play pirated versions of games, and unlock some features that are not normally available to users.
At the same time, Nguyen explained that the bug he discovered is just one link in a chain of bugs required for a full PlayStation 5 jailbreak. To date, no full jailbreak of the newest console has been achieved.
Only pin code, only hardcore. Locking a smartphone with a fingerprint reduces its security, says Group-IB digital forensics specialist
Group-IB digital forensics specialist Igor Mikhailov told the Prime news agency why you should not unlock your phone with a fingerprint.
According to him, locking a smartphone with a fingerprint reduces its security, because a fingerprint can be copied. In addition, it is sometimes possible to unlock the device with someone else’s fingerprint, especially on devices with an older sensor.
The most secure way to unlock a smartphone, according to Mikhailov, is to use complex passwords. He advised turning off fingerprint login and leaving only the PIN code.
As for unlocking a smartphone by face, Apple’s Face ID is the most reliable such system, but even it has been fooled by enthusiasts using photos and masks of the owner.