A hacker group associated with the Russian government has hacked an email software vulnerability, the National Security Agency says.
Their recent advisory said the group, called “Sandworm team,” is a part of Russia’s military intelligence agency that exploited a vulnerability in Exim Mail Transfer Agent since last August.
More from a recent NBC report:
“The Russian actors … have used this exploit to add privileged users, disable network security settings, execute additional scripts for further network exploitation; pretty much any attacker’s dream access – as long as that network is using an unpatched version of Exim MTA,” the advisory said.
The agency advised users to immediately update the software and warned that any outdated versions would likely remain vulnerable to attack.
“When the patch was released last year, Exim urged its users to update to the latest version. NSA adds its encouragement to immediately patch to mitigate against this still current threat,” it said.
The NSA’s Cybersecurity Directorate, which was restructured and newly launched last October, has been charged with disseminating more unclassified threat information more quickly, so that private sector entities can take steps to protect themselves from cyber attacks.
The directorate announced in January that a flaw in Windows 10 was disclosed to Microsoft and no harmful cyber activities were carried out.
The NSA has launched a new Twitter account, @NSACyber, where news of the Exim vulnerability was recently announced.
Additional resources to protect against cyber threats:
- Ways to Bring More Cyber Security Practices to Your AV Business
- Protect Your Clients With New Cyber Solutions Like NeuShield
- Why AV Integrators Need a Cybersecurity Strategy
- Cybersecurity Tips to Help Companies Whose Employees Are Working at Home
This story first appeared on our sister site, MyTechDecisions.
