Warning: Cybersecurity Firm Detects Attack on Construction Accounting System | FunderLyst
Dark
Light
Today: April 17, 2025
September 18, 2024
1 min read

Warning: Cybersecurity Firm Detects Attack on Construction Accounting System



Article Summary

TLDR:

– Cybersecurity firm Huntress discovered a threat to users of Foundation Software in the construction industry.

– Default credentials were used by affected companies, leaving them vulnerable to attack.

Ellicott City, Maryland-based cybersecurity firm Huntress identified a cybersecurity threat to users of Foundation Software, a system serving 43,000 construction professionals nationwide. The threat involved a “brute force” attack, targeting plumbing, HVAC, concrete, and similar subcontractors who were actively impacted. The attack relied on default credentials that were not changed upon installation of the software. About 500 hosts running the Foundation software were affected, with 33 hosts having unchanged default credentials publicly exposed. Foundation Software responded by stating that affected users were limited to those using legacy software physically installed at their companies, rather than the hosted software-as-a-service offering. Users of the software were urged to change their credentials to protect themselves from potential breaches. The U.S. Cybersecurity and Infrastructure Agency highlighted the use of default passwords as a major cybersecurity issue and recommended organizations to reset them. Microsoft SQL, used by Foundation Software, featured two high-privilege administrative accounts with default credentials that could be exploited by attackers. Huntress advised limiting access to SQL servers if not needed, changing default passwords, and restricting functionality for unnecessary components to enhance security.


Previous Story

Revolutionizing the built environment: Era Ventures secures $88M fund

Next Story

Mercor’s AI Interviewer: Vetting 300K Candidates & Valued $250M

Latest from Blog

VCFA Group Closes $1225M Venture Partners VII Fund

TLDR: VCFA Group closed VCFA Venture Partners VII fund with $122.5 million in commitments Transition marks continuation of VCFA’s pioneering legacy in the secondary private equity space VCFA Group, a pioneer in

Top AI Trends and Startups Shaping 2025 and Beyond

“`html TLDR: Israel is excelling in applicative and vertical AI, focusing on practical solutions in cybersecurity, healthcare, and defense rather than competing with tech giants in foundational AI models. Five key AI
Go toTop