all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Xz Utils Backdoor

Add to bookmarks
April 2, 2024, 8:20 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica:



Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections. Anyone in possession of a predetermined encryption …

backdoor code compression cybersecurity debian engineer linux malicious microsoft red hat utility week world xz utils

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

How to Incorporate SAST, DAST, and SCA into the SDLC 12 hours ago | malware.news
application application security application security testing application security testing tools +12
Nslookup's Debug Options, (Sun, May 5th) 14 hours ago | malware.news
debug dns machine may +4
Pay up, or else? – Week in security with Tony Anscombe 1 day, 2 hours ago | malware.news
attack caught dilemma hard +10
Sintesi riepilogativa delle campagne malevole nella settimana del 27 Aprile – 3 Maggio 2024 1 day, 4 hours ago | malware.news
cert con cui dei +2
Malware Simulators cannot test Antivirus Software 1 day, 15 hours ago | malware.news
malware analysis topic
Ready2Run - Is dnSpy dead? 1 day, 15 hours ago | malware.news
malware analysis topic
Security above all else—expanding Microsoft’s Secure Future Initiative 1 day, 18 hours ago | malware.news
cyberattacks cybersecurity future high +11
FBI warns of email spoofing by North Korean threat actor Kimsuky 1 day, 21 hours ago | malware.news
actor article dmarc domains +16
You get a passkey, you get a passkey, everyone should get a passkey 2 days, 1 hour ago | malware.news
accounts can consumer cracked +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com

Information Assurance Security Specialist (IASS)

@ OBXtek Inc. | United States
View on infosec-jobs.com

Cyber Security Technology Analyst

@ Airbus | Bengaluru (Airbus)
View on infosec-jobs.com

Vice President, Cyber Operations Engineer

@ BlackRock | LO9-London - Drapers Gardens
View on infosec-jobs.com
View more jobs