#Huntress

Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms

by

September 19, 2024 at 12:21PM Cybersecurity company Huntress has identified threat actors targeting the construction sector by infiltrating the FOUNDATION Accounting Software. Attackers use brute force to exploit default credentials, gaining access to plumbing, HVAC, concrete, and related sub-industries. To mitigate risk, it’s advised to rotate default credentials, avoid exposing the application over the public … Read more

Contractor Software Targeted via Microsoft SQL Server Loophole

by

September 18, 2024 at 05:09PM Threat actors have been targeting Foundation accounting software used in construction, exploiting vulnerabilities in plumbing, HVAC, and concrete sub-industries. Researchers at Huntress discovered the threat, involving host/domain enumeration commands. The software’s MSSQL instance allows mobile app access, potentially exposing TCP port 4243 to the public. Organizations are advised to rotate … Read more

Threat Actors Target Accounting Software Used by Construction Contractors

by

September 18, 2024 at 11:14AM Huntress warns of cyberattacks targeting Foundation Accounting Software, widely used in construction. Threat actors are brute forcing the application and exploiting default credentials, compromising organizations in various sub-industries. The attackers target MSSQL accounts, execute OS commands, and automate attacks. Only 33 publicly exposed hosts running the software with unchanged default … Read more