Russian agents have been hacking major email program

The US National Security Agency ( NSA ) has issued a cybersecurity advisory warning that the Russian military hacking group responsible for ...

The US National Security Agency (NSA) has issued a cybersecurity advisory warning that the Russian military hacking group responsible for interfering in the 2016 presidential election has been exploiting a critical vulnerability in Exim since last August or earlier.

For those unfamiliar with Exim, the software is a mail transfer agent (MTA) that runs in the background of email servers. The software is currently the most popular MTA and a big reason for this is due to the fact that it is bundled with many popular Linux distros including Debian and Red Hat.

The timing of the NSA's advisory is a bit strange though as the critical vulnerability in Exim was identified 11 months ago and a patch has already been released to fix the issue. 

According to the president of Rendition Infosec and former US government hacker, Jake Williams who spoke with the Associated Press, Exim is so widely used that some companies and government agencies that run the software may have not yet patched the vulnerability. He believes that the NSA may have issued its new advisory to bring attention to the Russian military group known as Sandworm which has exploited the critical vulnerability in Exim in its attacks.

Sandworm

In its advisory, the NSA provided further details on the vulnerability in Exim that Sandworm is actively exploiting, saying:

“The vulnerability being exploited, CVE-2019-10149, allows a remote attacker to execute commands and code of their choosing. The Russian actors, part of the General Staff Main Intelligence Directorate’s (GRU) Main Center for Special Technologies (GTsST), have used this exploit to add privileged users, disable network security settings, execute additional scripts for further network exploitation; pretty much any attacker’s dream access – as long as that network is using an unpatched version of Exim MTA.”

While the NSA did not reveal who the Russian military hackers have targeted, in recent months senior US intelligence officials have warned that Kremlin agents are currently engaged in activities online that could threaten the integrity of the country's 2020 presidential election.

Organizations and government agencies that use Exim should apply this patch immediately if they have not already done so to avoid falling victim to any potential attacks.

Via MSN



from TechRadar - All the latest technology news https://ift.tt/36KFbjX
via IFTTT

COMMENTS

BLOGGER
Name

Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,183,Video,5,XIAOMI,13,YouTube - 9to5Google,182,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Russian agents have been hacking major email program
Russian agents have been hacking major email program
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2020/05/russian-agents-have-been-hacking-major.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2020/05/russian-agents-have-been-hacking-major.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy