Russian hackers (BlackEnergy Group/Olympic Destroyer) have started exploiting CVE-2019-10149 (RCE with root privs on Exim mail server) since at least August 2019 - less than a month since the bug was published https://www.bleepingcomputer.com/news/security/nsa-russian-govt-hackers-exploiting-critical-exim-flaw-since-2019/
NSA: Russian govt hackers exploiting critical Exim flaw since 2019

The U.S. National Security Agency (NSA) says that Russian military threat actors tracked as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA) software since at...

https://www.bleepingcomputer.com/news/security/nsa-russian-govt-hackers-exploiting-critical-exim-flaw-since-2019/
The attackers exploited the flaw by sending an email with Exploiting the flaw is possible by sending an email email with a command added to the "MAIL FROM:" field 👇
The script used gives the attackers complete access to compromised servers and MySQL databases

Two of the commands, base64-encoded, check running processes for Little Snitch firewall for macOS. Commands are dropped if LS is found
more tweet-size details in this thread here: https://twitter.com/BleepinComputer/status/1266024197542862849
You can follow @Ionut_Ilascu.
Tip: mention @twtextapp on a Twitter thread with the keyword “unroll” to get a link to it.

Latest Threads Unrolled:
There are a lot of misconceptions about the Turkish diaspora in Germany. Since i just finished writing an essay about this topic I thought it's time to give other people
Read more
Las mejores calculadoras online en 2020A thread http://totumat.com/2020/11/26/las-mejores-calculadoras-online-en-2020/ Cuando se estudian asignaturas que requieren de cálculos complicados, nada mejor que contar con una buena calculadora.
Read more
Mitigating #ClimateChange is as much about taking up new techs as about leaving others behindMost studies focus on #coal's global downfall but another #energy tech decline is loomingRead my new
Read more