Security News

New XZ backdoor scanner detects implant in any Linux binary
2024-04-02 14:33

Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094. Late last month, Microsoft engineer Andres Freud discovered the backdoor in the latest version of the XZ Utils package while investigating unusually slow SSH logins on Debian Sid, a rolling release of the Linux distribution.

Malicious xz backdoor reveals fragility of open source
2024-04-01 21:16

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

XZ Utils backdoor update: Which Linux distros are affected and what can you do?
2024-03-31 18:01

The problem, he found, was in the liblzma data compression library, which is part of the XZ package, and he concluded that "The upstream xz repository and the xz tarballs have been backdoored."Which Linux distributions have been affected by the backdoored XZ packages?

Week in review: Backdoor found in XZ utilities, weaponized iMessages, Exchange servers at risk
2024-03-31 08:00

Beware! Backdoor found in XZ utilities used by many Linux distrosA vulnerability in XZ Utils, the XZ format compression utilities included in most Linux distributions, may "Enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely," Red Hat warns. Drozer: Open-source Android security assessment frameworkDrozer is an open-source security testing framework for Android, whose primary purpose is to make the life of mobile application security testers easier.

Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
2024-03-30 05:23

RedHat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious...

Malicious SSH backdoor sneaks into xz, Linux world's data compression library
2024-03-29 21:58

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094)
2024-03-29 18:21

A vulnerability in XZ Utils, the XZ format compression utilities included in most Linux distributions, may "Enable a malicious actor to break sshd authentication and gain unauthorized access to the entire system remotely," Red Hat warns. The cause of the vulnerability is actually malicious code present in versions 5.6.0 and 5.6.1 of the xz libraries, which was accidentally found by Andres Freund, a PostgreSQL developer and software engineer at Microsoft.

Red Hat warns of backdoor in XZ tools used by most Linux distros
2024-03-29 17:50

Today, Red Hat warned users to immediately stop using systems running Fedora development versions because of a backdoor found in the latest XZ Utils data compression tools and libraries. "No versions of Red Hat Enterprise Linux are affected. We have reports and evidence of the injections successfully building in xz 5.6.x versions built for Debian unstable."

New Backdoor Targeting European Officials Linked to Indian Diplomatic Events
2024-02-29 08:19

A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The...

Malicious AI models on Hugging Face backdoor users’ machines
2024-02-28 22:12

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor. JFrog's security team found that roughly a hundred models hosted on the platform feature malicious functionality, posing a significant risk of data breaches and espionage attacks.