all InfoSec news
Xz Utils Backdoor
Malware Analysis, News and Indicators - Latest topics malware.news
The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica:
Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections. Anyone in possession of a predetermined encryption …
backdoor code compression cybersecurity debian engineer linux malicious microsoft red hat utility week world xz utils