Retrotechtacular: Rebuilding A Fire-Ravaged Telephone Exchange

Those who haven’t experienced the destruction of a house fire should consider themselves lucky. The speed with which fire can erase a lifetime of work — or a life, for that matter — is stunning. And the disruption a fire causes for survivors, who often escape the blaze with only the clothes on their backs, is almost unfathomable. To face the task of rebuilding a life with just a few smoke-damaged and waterlogged possessions while wearing only pajamas and slippers is a devastating proposition.

As bad as a residential fire may be, though, its impact is mercifully limited to the occupants. Infrastructure fires are another thing entirely; the disruption they cause is often felt far beyond the building or facility involved. The film below documents a perfect example of this: the 1975 New York Telephone Exchange fire, which swept through the company’s central office facility at the corner of 2nd Avenue and 13th Street in Manhattan and cut off service to 300 blocks of the East Village and Lower East Side neighborhoods.

This Week In Security: Exchange 0-day, Doppelgangers, And Python Gets Bit In The TAR

According to researchers at GTSC, there’s an unpatched 0-day being used in the wild to exploit fully patched Microsoft Exchange servers. When they found one compromised server, they made the report to Microsoft through ZDI, but upon finding multiple Exchange servers compromised, they’re sounding the alarm for everyone. It looks like it’s an attack similar to ProxyShell, in that it uses the auto-discover endpoint as a starting point. They suspect it’s a Chinese group that’s using the exploit, based on some of the indicators found in the webshell that gets installed.

There is a temporary mitigation: adding a URL-based request block on the string .*autodiscover\.json.*\@.*Powershell.*. The exact details are available in the post. If you’re running Exchange with IIS, this should probably get added to your system right now. Next, use either the automated tool, or run the PowerShell one-liner to detect compromise: Get-ChildItem -Recurse -Path <IIS log path> -Filter "*.log" | Select-String -Pattern 'powershell.*autodiscover\.json.*\@.*200'. This one has the potential to be another really nasty problem, and may be wormable. As of the time of writing, this is an outstanding, unpatched problem in Microsoft Exchange. Come back and finish the rest of this article after you’ve safed up your systems.

Hackaday Links: July 10, 2022

We always like to call out a commercial success stemming from projects that got their start on Hackaday.io, and so we’re proud to announce the release of MAKE: Calculus by Joan Horvath and Rich Cameron, a book that takes a decidedly different approach to teaching calculus than traditional courses. Geared to makers and hackers, who generally tend to have a visual style of learning, the book makes heavy use of 3D-printed models to illustrate the relationships between functions. The project started five years ago as a 2017 Hackaday Prize entry, and resulted in a talk at the 2019 Supercon. Their book is now available for preorder, and might be a great way to reacquaint yourself with calc, or perhaps even to learn it for the first time.

This Week In Security: Y2K22, Accidentally Blocking 911, And Bug Alert

If you had the misfortune of running a Microsoft Exchange server this past week, then you don’t need me to tell you about the Y2K22 problem. To catch the rest of us up, when Exchange tried to download the first malware definitions update of 2022, the version number of the new definitions triggered a crash in the malware detection engine. The date is represented as the string 2201010001, where the first two digits represent the year. This string gets converted to a signed long integer, which maxes out at 2,147,483,647. The integer overflows, and the result is undefined behavior, crashing the engine. The server fails safe, not processing any messages without a working malware engine, which means that no e-mail gets through. Happy new year!

This Week In Security: APT Targeting Researchers, And Someone Watching All The Cameras

Microsoft’s Patch Tuesday just passed, and it’s a humdinger. To add the cherry on top, two separate BSOD-inducing issues led to Microsoft temporarily pulling the update.

Among the security vulnerabilities fixed is CVE-2021-26897, another remote code exploit in the Windows DNS server. It’s considered a low-complexity attack, but does require local network access to pull off. CVE-2021-26867 is another of the patched vulnerabilities that sounds very serious, allowing an attacker on a Hyper-V virtual machine to pierce the barrier and run code on the hypervisor. The catch here is that the vulnerability is only present when using the Plan 9 filesystem, which surely limits the scope of the problem to a small handful of machines.

The most interesting fixed flaw was CVE-2021-26411, a vulnerability that allowed remote code execution when loading a malicious web page in either IE or pre-Chromium Edge. That flaw was actively being exploited in a unique APT campaign, which we’ll cover right after the break.

Rotary Phones And The Birth Of A Network

I can’t help but wonder how long it will be before the movie title “Dial M for Murder” becomes mysterious to most of the population. After all, who has seen a dial phone lately? Sure, there are a few retro phones, but they aren’t in widespread use. It may not be murder, but it turns out that the dial telephone has its roots in death — or at least the business of death. But to understand why that’s true, you need to go back to the early days of the telephone.

Did you ever make a tin can phone with a string when you were a kid? That dates back to at least 1667. Prior to the invention of what we think of as the telephone, these acoustic phones were actually used for specialized purposes.

We all know that [Alexander Graham Bell] made a working telephone over a wire, drawing inspiration from the telegraph system. However, there’s a lot of dispute, as many others were working on similar devices at about the same time. It is probably more accurate to say that [Bell] was the first to successfully patent the telephone (in 1876, to be exact).
