Russian crackers are exploiting bug that gives control of mail servers

"In an advisory published on Thursday, the NSA said that the Sandworm group was actively exploiting a vulnerability in Exim, an open-source mail transfer agent for Unix-based operating systems. Tracked as CVE-2019-10149, the critical bug makes it possible for an unauthenticated remote attacker to send specially crafted emails that execute commands with root privileges."

@orbital Hopefully it's patched since some time in #Debian

Another good example of why it's a good idea to have unattended security upgrade.

Sign in to participate in the conversation
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.