sandworm – Page 4 – WindowsTechs.com

NSA: Russia Hacking U.S. Firms, via Old Exim Flaw

Posted on May 29, 2020 by Richi Jennings

The Russian state is breaking into companies, exploiting a vulnerability in an open-source email server.
The post NSA: Russia Hacking U.S. Firms, via Old Exim Flaw appeared first on Security Boulevard.
Continue reading NSA: Russia Hacking U.S. Firms, via Old Exim Flaw→

NSA Warns of Sandworm Backdoor Attacks on Mail Servers

Posted on May 29, 2020 by Tara Seals

The Russian spy group, a.k.a. BlackEnergy, is actively compromising Exim mail servers via a critical security vulnerability. Continue reading NSA Warns of Sandworm Backdoor Attacks on Mail Servers→

Sandworm Team Exploiting Vulnerability in Exim Mail Transfer Agent

Posted on May 29, 2020 by David Bisson

The U.S. National Security Agency (NSA) warned that the Sandworm team is exploiting a vulnerability that affects Exim Mail Transfer Agent (MTA) software. In a cybersecurity advisory published on May 28, the NSA revealed that the Sandworm team has been … Continue reading Sandworm Team Exploiting Vulnerability in Exim Mail Transfer Agent→

Russian ’Sandworm‘ Hackers Attacking Exim Email Servers, Says NSA

Posted on May 29, 2020 by Liviu Arsene

An advanced Russian government cyber-espionage unit has been exploiting a known Exim email server vulnerability since August 2019, according to an NSA security alert. The NSA said the Russian hackers are part of the GRU Main Center for Special Technolo… Continue reading Russian ’Sandworm‘ Hackers Attacking Exim Email Servers, Says NSA→

NSA calls out Russian military hackers targeting mail relay software

Posted on May 28, 2020 by Shannon Vavra

Hackers working for Russia’s intelligence agency have been exploiting a vulnerability in a mail relay software since August of last year, according to an alert issued Thursday by by the National Security Agency. The NSA publicly attributes the actions to the Russian military’s Main Center for Special Technologies (GTsST). That group is more commonly known as Sandworm, the hacking group believed to be responsible for Ukraine grid disruptions. The alert comes amid a broader agency effort to publicly share more unclassified threat intelligence. The NSA established a cybersecurity directorate last year to take the reins on providing real-time information in the hopes to prevent digital intrusions against U.S. networks. The Exim Mail Transfer Agent (MTA) vulnerability exploited in this case, CVE-2019-10149, allows the threat actors to execute commands and code remotely. When Sandworm exploits the vulnerability, victim machines download and execute a shell script from a Sandworm-controlled domain, according to […]

The post NSA calls out Russian military hackers targeting mail relay software appeared first on CyberScoop.

Continue reading NSA calls out Russian military hackers targeting mail relay software→

Google sent ~40K warnings to targets of state-backed attackers in 2019

Posted on March 30, 2020 by Lisa Vaas

Google has seen a rising number of attackers impersonating news outlets and journalists to spread fake news among other reporters. Continue reading Google sent ~40K warnings to targets of state-backed attackers in 2019→

Google sent ~40K warnings to targets of state-backed attackers in 2019

Posted on March 30, 2020 by Lisa Vaas

US and UK call out Russian hackers for Georgia attacks

Posted on February 21, 2020 by Danny Bradbury

The US and UK governments have both accused Russia of launching a cyber attack against the Georgian government last year. Continue reading US and UK call out Russian hackers for Georgia attacks→

In rare move, State Department calls out Russia for attacks on Georgia last year

Posted on February 20, 2020 by Shannon Vavra

In a rare public announcement, the State Department is formally blaming Russian intelligence for a cyber incident that disrupted thousands of websites in Georgia last year. The incident, carried out by the Russian General Staff Main Intelligence Directorate (GRU) last October, according to Secretary of State Mike Pompeo, disrupted and defaced thousands of Georgian government websites and the broadcast of two television stations. “This action contradicts Russia’s attempts to claim it is a responsible actor in cyberspace and demonstrates a continuing pattern of reckless Russian GRU cyber operations against a number of countries,” Pompeo said in a statement Thursday. “These operations aim to sow division, create insecurity, and undermine democratic institutions.” Thursday’s announcement was the first time the U.S. government connected the GRU to the hacking group known as Sandworm. The U.S. government has previously said Sandworm was responsible for the NotPetya worm and Olympic Destroyer attacks. The rare reprimand […]

The post In rare move, State Department calls out Russia for attacks on Georgia last year appeared first on CyberScoop.

Continue reading In rare move, State Department calls out Russia for attacks on Georgia last year→

Fake Android apps uploaded to Play store by notorious Sandworm hackers

Posted on December 2, 2019 by John E Dunn

The Russian ‘Sandworm’ hacking group has been caught repeatedly uploading fake and modified Android apps to Google’s Play Store. Continue reading Fake Android apps uploaded to Play store by notorious Sandworm hackers→