all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Backdoored XZ Utils (CVE-2024-3094)

Add to bookmarks
April 1, 2024, 5:13 p.m. | Rapid7

Rapid7 Blog blog.rapid7.com

On Friday, March 29, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils (liblzma).

backdoor command command line command line tool cve cve-2024 cve-2024-3094 debian developer emergent threat response environment line list march security share sid tool upstream xz utils

Visit resource

More from blog.rapid7.com / Rapid7 Blog

New! Insight Agent Support for ARM-based Windows in InsightVM 1 day, 11 hours ago | blog.rapid7.com
agent arm assessment devices +8
Metasploit Weekly Wrap-Up 05/31/2024 1 day, 11 hours ago | blog.rapid7.com
cve cve-2024 directory directory traversal +15
CVE-2024-24919: Check Point Security Gateway Information Disclosure 2 days, 13 hours ago | blog.rapid7.com
access advisory check check point +22
Celebrating Excellence: Joanne Guarglia and Kelly Hiscoe Recognized as CRN's 2024 Women of the Channel 2 days, 16 hours ago | blog.rapid7.com
awards career development channel team +1
Metasploit Weekly Wrap-Up 05/23/2024 1 week, 2 days ago | blog.rapid7.com
access broadcast code code execution +16
The Take Command Summit: A Day of Resilience and Preparation 1 week, 2 days ago | blog.rapid7.com
books command cybersecurity discussions +15
CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack 1 week, 2 days ago | blog.rapid7.com
action attack audio cve +17
Rapid7 Releases the 2024 Attack Intelligence Report 1 week, 4 days ago | blog.rapid7.com
and response attack attack surface command +20
Metasploit Wrap-Up 05/17/2024 2 weeks, 1 day ago | blog.rapid7.com
capabilities ldap metasploit metasploit weekly wrapup +2

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com