Exim Servers, the company responsible for looking after 57 per cent of world’s internet servers, is allegedly under attack following a security flaw. The number of attacks are massive and are carried out by individual hacker groups. The report first came out ZDNet that warned that hackers are capable of taking over all vulnerable servers if the security flaw is not addressed at the earliest.
Of the two hacker groups identified, one is operating from a public internet server, while the other one stands more difficult to be traced as it is said to be operating from a dark web server. The security flaw, titled “Return Of The WIZard – CVE-2029-10149” was publicly disclosed on June 5 and is still not fixed. The flaw allows access to root of the vulnerable servers as remotely-located hackers can send malicious emails to these vulnerable servers to run malicious codes under the process’ access level. Both the groups were traced and had entirely different attack patterns.
While the first group seemed to have no fixed attack pattern, as it kept changing its patterns every time, the other seemed to be fixed on creating a backdoor into the MTA servers. If the reports are to be believed, the first wave of attacks hit the internet on 9th June while the second crept in a day later on 10th June. The number of servers that are vulnerable to this security flaw is massive, which makes the threat of this attack much more severe than it looks right now.
Talking of cyber attacks, according to a report, the FTSE 250 companies
have exposed 35 different ways for hackers to target a company. The report suggested that most of the companies are finding it difficult to keep their systems up to date and away from all threats and possible attacks.