
Russian nation-state actors exploiting a critical remote command execution vulnerability in the Unix MTA

Russian nation-state actors are exploiting a critical remote command execution vulnerability in the Unix mail transfer agent (MTA) known as Exim. Satnam Narang, Staff Research Engineer at Tenable, shares his views:

In a recent cybersecurity alert issued by the National Security Agency (NSA), it was found that Russian nation-state actors have been exploiting CVE-2019-10149, a critical remote command execution vulnerability in the Unix mail transfer agent (MTA) known as Exim, since August 2019.

Though patches were made available in June 2019, security researchers observed active exploitation attempts in the wild four days after the flaw was originally patched. At the time, there were 4.1 million systems online running a vulnerable version of Exim, based on search results from Shodan. Today, nearly half a million servers are still vulnerable to CVE-2019-10149.

Satnam Narang, Staff Research Engineer at Tenable, comments on this latest development: “The NSA recently issued a cybersecurity advisory warning that Russian nation-state actors have been exploiting CVE-2019-10149, a critical remote command execution vulnerability in the Unix mail transfer agent (MTA) known as Exim, since August 2019. Though patches were made available nearly a year ago in June 2019, security researchers observed active exploitation attempts in the wild a mere four days after the flaw was originally patched. At the time, there were 4.1 million systems online running a vulnerable version of Exim based on search results from Shodan. Today, there are nearly a half a million servers still vulnerable to CVE-2019-10149.

“Whether it is a nation-state or financially-driven threat actors, this is another reminder that cybercriminals tend to set their sights on low hanging fruit. Zero-day vulnerabilities garner much attention, but practically speaking, it’s the publicly known unpatched vulnerabilities that provide cybercriminals the best bang for their buck. This is because many organizations struggle to keep pace with the sheer volume of newly-discovered vulnerabilities, providing cybercriminals a window of opportunity to gain a foothold by exploiting flaws such as this one.”

He added, “This NSA warning follows a recent advisory from the Cybersecurity and Infrastructure Security Agency (CISA) which highlighted the top 10 routinely exploited vulnerabilities. Yet again, the list indicates that most threat actors are choosing not to spend their capital to burn a zero-day vulnerability, opting instead to target publicly known unpatched vulnerabilities in a variety of software like Exim.”
