all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

xz Utils Backdoor

Add to bookmarks
April 2, 2024, 6:50 p.m. | Bruce Schneier

Schneier on Security www.schneier.com

The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica:


Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions. The backdoor manipulated sshd, the executable file used to make remote SSH connections. Anyone in possession of a predetermined encryption …

backdoor backdoors code compression cybersecurity debian engineer hacking linux malicious malware microsoft open source red hat social engineering utility week world xz utils

Visit resource

More from www.schneier.com / Schneier on Security

Friday Squid Blogging: Squid Purses 2 days, 11 hours ago | www.schneier.com
blog blogging can guidelines +6
My TED Talks 2 days, 14 hours ago | www.schneier.com
conferences controls data internet +9
Rare Interviews with Enigma Cryptanalyst Marian Rejewski 2 days, 21 hours ago | www.schneier.com
crack cryptanalysis enigma history of cryptography +5
The UK Bans Default Passwords 3 days, 21 hours ago | www.schneier.com
act and telecommunications ban bans +19
AI Voice Scam 4 days, 21 hours ago | www.schneier.com
artificial intelligence bbc money scam +4
WhatsApp in India 5 days, 21 hours ago | www.schneier.com
courts encryption end end-to-end +5
Whale Song Code 6 days, 21 hours ago | www.schneier.com
basic broadcast code cold +18
Friday Squid Blogging: Searching for the Colossal Squid 1 week, 2 days ago | www.schneier.com
blog blogging can cruise +7
Long Article on GM Spying on Its Cars’ Drivers 1 week, 2 days ago | www.schneier.com
article cars companies data +10

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Sr Security Engineer - Colombia

@ Nubank | Colombia, Bogota
View on infosec-jobs.com

Security Engineer, Investigations - i3

@ Meta | Menlo Park, CA | Washington, DC | Remote, US
View on infosec-jobs.com

Cyber Security Engineer

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com

Security Analyst

@ Northwestern Memorial Healthcare | Chicago, IL, United States
View on infosec-jobs.com

GRC Analyst

@ Richemont | Shelton, CT, US
View on infosec-jobs.com

Security Specialist

@ Peraton | Government Site, MD, United States
View on infosec-jobs.com
View more jobs