The US National Security Agency has published an advisory regarding the GRU – the Russian military intelligence service.
The advisory relates to the ongoing exploitation of Exim vulnerability CVE-2019-10149 by the GRU.
“To mitigate the CVE -2019-10149 vulnerability, providers should update Exim immediately by installing version 4.93 or newer. The NCSC has previously published an advisory providing details of a number of Exim mail server vulnerabilities and mitigation advice.”
A spokesperson for the NCSC said:
“We support the findings published today in the NSA advisory’s regarding the GRU intrusion set known as ‘Sandworm’. We have notified UK providers affected by this activity and have recommended they protect users by patching the vulnerability. The UK and its allies will continue to expose those who conduct hostile and destabilising cyber attacks.”
The UK and its allies have previously exposed numerous campaigns by the GRU of indiscriminate and reckless cyber attacks.
Earlier this year, the UK government publicly condemned a campaign of unacceptable cyber attacks against Georgia. The NCSC assessed with the highest level of probability that the Russian GRU was behind these attacks.