As a Comcast customer, this one hits me too. A new post on Silicon Beat tells the tale of a group called NullCrew FTS hacked 34 of Comcast’s mail servers and posted proof of their exploit online. There is no point in taking chances, just login and change the passwords to your email addresses. You might as well change your master account login as well.
This is a shame on Comcast moment, as they had been aware of the vulnerability to their Zimbra email server software, and evidently have done nothing to patch the vulnerability. This includes ignoring a warning from NullCrew that they were planning to attempt the exploit. And they have done little to nothing to warn their subscribers of this problem.
Brought to you by the same fine folks who fired Jay Leno! It figures.Share
About the Author:I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com