Cybeta's Weekly Newsletter

Cybeta Weekly Attack Surface Attribution Intelligence Date

Week of May 25th, 2020

This week our team identified critical vulnerabilities being discussed across the dark web and identified 36 Advanced Persistent Threat groups, based off of known group TTPs, that are likely to use, have used these vulnerabilities in the past.

These vulnerabilities currently impact 386 distinct instances of deployed technology across the global internet. The majority of these identified vulnerable infrastructure are located in South Africa.

To read more about this week’s edition of our newsletter just click the link.


NSA Warning About Russia’s Military Hackers Attacking Exim Mail Transfer Agent Vulnerability

A report by the Cybeta Threat Research Team

GRU hackers increased targeting operations against Exim Mail Transfer Agent (MTA) in Unix- based systems. Organizations should consider searching server and firewall logs for the relevant IOCs. In the U.S. alone, there are over 216,067 potential opportunities for GRU hackers to exploit this software vulnerability.

Follow this link to read more about this vulnerability and several recommendation on how to avoid the vulnerability.