The U.S. National Security Agency issued a new warning on Thursday saying Russian military cyber actors are connected to a new wave of attacks exploiting widely used email software.
The NSA said the Russian attackers, the Sandworm Team, have been exploiting a vulnerability in Exim mail transfer agent (MTA) software since “at least last August.”
“The Russian actors, part of the General Staff Main Intelligence Directorate’s (GRU) Main Center for Special Technologies (GTsST), have used this exploit to add privileged users, disable network security settings, execute additional scripts for further network exploitation,” the NSA alert read. “[P]retty much any attacker’s dream access—as long as that network is using an unpatched version of Exim MTA.”
A software update to patch the vulnerabilities in Exim MTA was released last year and NSA said Thursday it encourages Americans to immediately adopt the software fix to fight against ongoing cyber threats.
• Ryan Lovelace can be reached at rlovelace@washingtontimes.com.
Please read our comment policy before commenting.