TechRepublic Wi-Fi 6 (802.11ax): A cheat sheet Read More Microsoft has issued a warning to Azure customers on Friday about a Linux worm spreading via Exim servers, which has also infected some Azure installations. The worm, first reported by ZDNet earlier this week, and later detailed in more depth by the Cybereason team, infects Exim email servers using the CVE-2019-10149 vulnerability, a security flaw that lets attackers execute remote commands and take over unpatched systems. The worm uses the vulnerability to take over a server, then scans the internet for other servers, and attempts to infect them as well, before dropping a cryptocurrency miner on the current host. The worm targets servers that run Exim — a mail transfer agent (MTA), which is software that runs on Linux-based email servers to relay emails from senders to recipients. Azure infrastructure stops some parts of the worm On Friday, Microsoft said its Azure infrastructure has been hit by this worm as well. The good news is that the Azure infrastructure “has controls in place to help limit the spread of this worm,” Microsoft said. However, the company is still warning customers that the rest of the worm still works fine. The worm may not be able to self-spread by scanning the internet and replicating itself, but the hacked Azure machines will remain compromised, and infected with a cryptocurrency miner. The miner will slow down infected systems, and hackers will also be able to drop other malware on Azure virtual machines at any… [Read full story]
ZDNet is a business technology news website published by CBS Interactive, along with TechRepublic. The brand was founded on April 1, 1991, as a general interest technology portal from Ziff Davis and evolved into an enterprise IT-focused online publication owned by CNET Networks.