"Security researcher Ivan Kwiatkowski first reported the in-the-wild attacks, which he described as 'mass exploitation.' He said the malicious emails were sent by the IP address 79.124.49[.]86 and, when successful, attempted to run a file hosted there using the tool known as curl."
"On Wednesday, security researchers provided additional details that suggested the damage from ongoing exploitation was likely to be contained. They said, a default setting must be changed, likely lowering the number of servers that are vulnerable."
"Ron Bowes went on to report that the 'payload doesn't actually do anything-it downloads a file (to stdout) but doesn't do anything with it.'... It doesn't really seem like a serious attack."
Collection
[
|
...
]