Evan Boehs has provided a detailed analysis and timeline of the xz Utils backdoor. Evan has gone in detail into the why of the compromise, how the threat actor leveraged the culture of the open source software community to gain the trust and experience needed to attempt rolling a malicious backdoor out to a very … Read More “ADDITIONAL ANALYSIS ON THE xz Utils BACKDOOR” »
Category: Uncategorized
Uncategorized, Vulnerability
Uncategorized, Vulnerability
Malicious code has been detected in xz Utils that appears to be intended to create a backdoor in sshd. xz Utils is a common compression utility used in many Linux distros including Debian and Red Hat. according to a researcher from Analygence the malicious versions of xz Utils were not added to production versions of … Read More “BACKDOOR IN WIDELY USED Linux UTILITY TARGETS SSH CONNECTIONS” »