Security News > 2024 > March

XZ Utils backdoor update: Which Linux distros are affected and what can you do?
2024-03-31 18:01

The problem, he found, was in the liblzma data compression library, which is part of the XZ package, and he concluded that "The upstream xz repository and the xz tarballs have been backdoored."Which Linux distributions have been affected by the backdoored XZ packages?

Rust developers at Google are twice as productive as C++ teams
2024-03-31 16:33

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

DinodasRAT malware targets Linux servers in espionage campaign
2024-03-31 14:35

The Linux variant of the malware has not been described publicly, although the first version has been tracked to 2021. Cybersecurity company ESET has previously seen DinodasRAT compromising Windows systems in an espionage campaign dubbed 'Operation Jacana,' that targeted government entities.

It's surprisingly difficult for AI to create just a plain white image
2024-03-31 11:38

My research colleague and data scientist Cody Nash met with one such encounter when he pondered "Can AI Create a White Painting?". All Nash wanted from AI was an image of a plain, pure, white background; in color-code lingo, the color #FFFFFF or RGB(255,255,255).

#AI
Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk
2024-03-31 08:00

Beware! Backdoor found in XZ utilities used by many Linux distrosA vulnerability in XZ Utils, the XZ format compression utilities included in most Linux distributions, may "Enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely," Red Hat warns. Drozer: Open-source Android security assessment frameworkDrozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier.

AT&T confirms data for 73 million customers leaked on hacker forum
2024-03-30 16:52

AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially denying the leaked data originated from them. While the company continues to say there is no indication their systems were breached, it has now confirmed that the leaked data belongs to 73 million current and former customers.

Vultur banking malware for Android poses as McAfee Security app
2024-03-30 15:56

Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities and an improved evasion mechanism. A report from Fox-IT, part of the NCC Group, warns that a new, more evasive version of Vultur spreads to victims through a hybrid attack that relies on smishing and phone calls that trick the targets into installing a version of the malware that masquerades as the McAfee Security app.

Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
2024-03-30 07:16

Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting...

Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
2024-03-30 05:23

RedHat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious...

Malicious SSH backdoor sneaks into xz, Linux world's data compression library
2024-03-29 21:58

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.