- May 4, 2019
- 801
The U.S. National Security Agency (NSA) says that Russian military threat actors known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA) software since at least August 2019.
The vulnerability tracked as CVE-2019-10149 and named "The Return of the WIZard" makes it possible for unauthenticated remote attackers to execute arbitrary commands as root on vulnerable mail servers — for some non-default server configurations — after sending a specially crafted email.
"When the patch was released last year, Exim urged its users to update to the latest version," the agency says. "NSA adds its encouragement to immediately patch to mitigate against this still current threat."
NSA warns of new Sandworm attacks on email servers
NSA says Russia's military hackers have been attacking Exim email servers to plant backdoors since August 2019.
www.zdnet.com
NSA: Russian govt hackers exploiting critical Exim flaw since 2019
The U.S. National Security Agency (NSA) says that Russian military threat actors tracked as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA) software since at least August 2019.
www.bleepingcomputer.com