QuoINT INTELBRIEF – Actors Exploiting the RCE Vulnerability

18. November 19

QuoINT continued their analysis of the ongoing investigation into the worm activity exploiting the RCE vulnerability in the Exim Mail Server. In a recently distributed brief, the team describes the artifacts involved in the attack, as well as provides an update to the attackers’ infrastructure. This coming week, the team will release additional analysis into the C2 infrastructure and threat actor attribution! – PDF 1,98 MB