all InfoSec news
On the critical path to implant backdoors and the effectiveness of potential mitigation techniques: Early learnings from XZ
April 16, 2024, 4:10 a.m. | Mario Lins, Ren\'e Mayrhofer, Michael Roland, Daniel Hofer, Martin Schwaighofer
cs.CR updates on arXiv.org arxiv.org
Abstract: An emerging supply-chain attack due to a backdoor in XZ Utils has been identified. The backdoor allows an attacker to run commands remotely on vulnerable servers utilizing SSH without prior authentication. We have started to collect available information with regards to this attack to discuss current mitigation strategies for such kinds of supply-chain attacks. This paper introduces the critical attack path of the XZ backdoor and provides an overview about potential mitigation techniques related to …
arxiv attack attacker authentication backdoor backdoors collect critical cs.cr emerging implant mitigation path run servers ssh supply techniques vulnerable xz utils
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Senior - Penetration Tester
@ Deloitte | Madrid, España
Associate Cyber Incident Responder
@ Highmark Health | PA, Working at Home - Pennsylvania
Senior Insider Threat Analyst
@ IT Concepts Inc. | Woodlawn, Maryland, United States