January 5, 2022
Join our community!!
Subscribe to the Insecurity Brief podcast now on every platform we can find
Follow us on Twitter
@HoneyBeez0x
@trip_elix
Links
Trip’s books
https://www.tripelix.com/merch
Honey’s books
https://beedefense.net
#windows #Exchange #microsoft #scam #zoho #hackers #romance
As a part of the ongoing security research efforts by the Guardicore Labs team, we have discovered an interesting case of credential leak affecting a large number of people and organizations worldwide. The credentials that are being leaked are valid Windows domain credentials used to authenticate to Microsoft Exchange servers.
https://www.guardicore.com/labs/autodiscovering-the-great-leak/
An unpatched design flaw in the implementation of Microsoft Exchange’s Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide.
https://thehackernews.com/2021/09/microsoft-exchange-bug-exposes-100000.html
The FBI warned today that a huge increase in online romance scams has caused Americans to lose more than $113 million since the beginning of 2021.
Zoho’s customer list includes “three in five Fortune 500 companies”, including Apple, Intel, Nike, PayPal, HBO and many more. The vulnerability identified as CVE-2021-40539 was found in the Zoho ManageEngine ADSelfService Plus software and allows attackers to “take over” vulnerable systems after successful exploitation.
https://en.secnews.gr/366332/fbi-cisa-hacker-ekmetallevontai-ena-krisimo-bug-zoho
Honey Beez is a retired computer hacker, chess addict, author, and mother. Honey is an American and a New Yorker. She has written several children’s books and chess books as well as creating an American chess opening called The Bee Defense.
Trip Elix is an author, podcaster and video personality. Over the last 30 years, he has worked as a security analyst and privately as a consultant, investigator, forensic technician and a skip tracer. He is the author of three books and gives talks on security and privacy.