all InfoSec news
XZ backdoor story – Initial analysis
Malware Analysis, News and Indicators - Latest topics malware.news
On March 29, 2024, a single message on the Openwall OSS-security mailing list marked an important discovery for the information security, open source and Linux communities: the discovery of a malicious backdoor in XZ. XZ is a compression utility integrated into many popular distributions of Linux.
The particular danger of the backdoored library lies in its use by the OpenSSH server process sshd. On several systemd-based distributions, including Ubuntu, Debian and RedHat/Fedora Linux, OpenSSH is patched to use …
analysis backdoor communities compression discovery distributions important information information security library lies linux list malicious march message open source oss oss-security popular security single story utility xz backdoor