Application security, Threat Intelligence, Patch/Configuration Management

Accounting software targeted to breach construction sector

Construction of the San Joaquin River Viaduct in July 5, 2017, in Fresno, Calif. (Photo by California High-Speed Rail Authority via Getty Images)

Organizations in the HVAC, plumbing, concrete, and other sub-industries of the construction sector have been targeted through brute-force attacks against internet-exposed instances of the Foundation accounting software last week, reports The Record, a news site by cybersecurity firm Recorded Future.

Almost 35,000 brute-force attempts have been conducted by threat actors against a single host's Microsoft SQL Server leveraged by the accounting software for database operations, according to researchers from Huntress. Researchers also noted the risk of compromise being further exacerbated by the prevalence of weak passwords in the implementations of the software, with 33 of the almost 500 hosts with Foundation software having default credentials. While Foundation has yet to respond to the reported intrusions, Huntress has already warned entities subjected to suspicious activity. "...[W]e also sent out a precautionary advisory notification to any of our customers and partners who have the FOUNDATION software in their environment," Huntress added.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds