In an alert issued by the NSA, companies and organizations were urged to update their Exim Mail Transfer Agent (MTA) servers to version 4.93 or newer. Earlier versions are reportedly impacted by a series of vulnerabilities that are currently exploited by a hacker group known as Sandworm with ties to the Russian military intelligence agency. While the NSA mentioned CVE-2019-10149, which was an Exim vulnerability that allowed remote code execution as root, RiskIQ also reports that CVE-2019-15846 (another RCE vulnerability in Exim) and CVE-2019-16928, which was a DOS and code execution vulnerability. RiskIQ reported that there are over 900,000 vulnerable Exim servers, with the majority running Exim 4.92.
12 Essentials for a Successful SOC Partnership
As cyber threats continue to impact businesses of all sizes, the need for round-the-clock security