[HackerNews] Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials

An unpatched design flaw in the implementation of Microsoft Exchange’s Autodiscover protocol has resulted in the leak of approximately 100,000 login names and passwords for Windows domains worldwide.
“This is a severe security issue, since if an attacker can control such domains or has the ability to ‘sniff’ traffic in the same network, they can capture domain credentials in plain text (HTTP

Source: Read More (The Hacker News)

You might be interested in …

[TheRecord] Russia reroutes internet in occupied Ukrainian territory through Russian telcos

After knocking out the internet service in Kherson, Ukraine, this weekend, Russian forces reinstated service but routed it through Russia‚Äôs network instead of Ukrainian telecommunications infrastructure. Ukrainian officials and internet access monitor Netblocks said there was a near-total internet blackout across Kherson on Saturday, knocking out the connectivity of Ukrainian providers like Ukrtelecom, Kyivstar and […]

Read More

[ZDNet] Microsoft Power Apps misconfiguration exposes 38 million data records

All posts, ZDNet

The data leaks impacted American Airlines, Microsoft, J.B. Hunt and governments of Indiana, Maryland and New York City, says Upguard. Source: Read More (Latest topics for ZDNet in Security)

Read More

[BleepingComputer] Fake Windows 11 installers now used to infect you with malware

Scammers are already taking advantage of the hype surrounding Microsoft’s next Windows release to push fake Windows 11 installers riddled with malware, adware, and other malicious tools. […] Source: Read More (BleepingComputer)

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.