- The Washington Times - Thursday, May 28, 2020

The U.S. National Security Agency issued a new warning on Thursday saying Russian military cyber actors are connected to a new wave of attacks exploiting widely used email software.

The NSA said the Russian attackers, the Sandworm Team, have been exploiting a vulnerability in Exim mail transfer agent (MTA) software since “at least last August.”

“The Russian actors, part of the General Staff Main Intelligence Directorate’s (GRU) Main Center for Special Technologies (GTsST), have used this exploit to add privileged users, disable network security settings, execute additional scripts for further network exploitation,” the NSA alert read. “[P]retty much any attacker’s dream access—as long as that network is using an unpatched version of Exim MTA.”

A software update to patch the vulnerabilities in Exim MTA was released last year and NSA said Thursday it encourages Americans to immediately adopt the software fix to fight against ongoing cyber threats.

Sign up for Daily Newsletters

Manage Newsletters

Copyright © 2020 The Washington Times, LLC. Click here for reprint permission.

Please read our comment policy before commenting.


Click to Read More and View Comments

Click to Hide