“A new wave of Sandworm attacks is deeply concerning.”
The US’s Countrywide Security Agency (NSA) claims Russian armed forces intelligence is broadly abusing a essential 2019 vulnerability in just the Exim mail transfer program
The NSA reported the GRU’s Key Centre for Specific Systems (GTsST) are making use of the bug to “add privileged people, disable community security options, execute additional scripts for additional community exploitation really much any attacker’s aspiration entry.”
The hackers are commonly known as “Sandworm”.
Exim is a mail transfer agent made use of broadly in Unix-dependent methods and will come pre-put in in several Linux deployments. A essential vulnerability (CVE-2019-10149) exists in all variations of Exim’s MTA from edition 4.87 to 4.91 it was 1st reported by Qualys.
Even though this has been patched upstream considering that June 2019, the perennial trouble of weak cyber cleanliness and irregular patching usually means several