Tag

Xz Utils

All articles tagged with #xz utils

technology1 year ago•4 min saved

"Unveiling the XZ Backdoor: How One Engineer Stopped a Devastating Cyberattack"

A Microsoft engineer discovered that the open source software program XZ Utils had been sabotaged by a developer, potentially creating a backdoor to millions of servers. The developer, believed to be a pseudonym for an expert hacker or group, introduced a nearly invisible backdoor into XZ. The near-miss has raised concerns about the safety of open source software and the need to protect it from well-resourced spies. Government officials and cybersecurity agencies are discussing how to better protect open source code, with calls for tech companies to contribute resources to the open source ecosystem.

via Inc.|

#cybersecurity #microsoft #open-source-software

cybersecurity1 year ago•0 min saved

Unveiling the XZ Utils Linux Backdoor Mastermind, 'Jia Tan'

Security experts are investigating the identity of "Jia Tan," the coder responsible for the XZ Utils Linux backdoor, suspecting that they may not have acted alone due to the backdoor's sophisticated design and long-term plan. Research suggests that Tan's uploads were linked to China's time zone, with some occurring during notable Chinese holidays, raising questions about their potential connections and motives.

via The Verge|

#coding #cybersecurity #jia-tan

cybersecurity1 year ago•8 min saved

Uncovering the XZ Backdoor Mastermind: A Stealth Attack on Linux Encryption

The discovery of a backdoor in the XZ Utils compression utility has revealed a sophisticated software supply chain attack orchestrated by a mysterious figure known as Jia Tan. This individual, suspected to be a state-sponsored hacker or group, spent years building credibility in the open source community before inserting the backdoor. Despite efforts to remain anonymous, clues such as time zone discrepancies and technical hallmarks point to potential ties to Russia's APT29 hacking group. The incident underscores the growing threat of supply chain attacks and the need for heightened vigilance in open source software development.

via WIRED|

#cybersecurity #jia-tan #open-source

cybersecurity1 year ago•2 min saved

"Unveiling the XZ Backdoor: Thwarting Cyber-Attacks and Detecting Implants in Linux Binaries"

Binarly has released an online scanner to detect Linux executables affected by the XZ Utils supply chain attack, CVE-2024-3094. The backdoor, discovered by a Microsoft engineer, was introduced in XZ version 5.6.0 and remained in 5.6.1, impacting a few Linux distributions. Binarly's scanner uses static analysis to identify tampering of transitions in GNU Indirect Function and can detect similar backdoors in other projects. The scanner is available online for unlimited free checks, with a free API for bulk scans also available.

via BleepingComputer|

#backdoor #binarly #cybersecurity

firmware-security-vulnerability1 year ago•3 min saved

"Detecting and Defending Against the XZ Backdoor in Linux Systems"

Malicious code was discovered in the widely used XZ Utils library for Linux systems, enabling remote code execution and bypassing secure shell authentication. The backdoor was introduced by a project maintainer named Jia Tan, who gained credibility over two years and eventually added the malicious code to the XZ Utils release. The sophisticated supply chain attack highlights the potential risks associated with open-source software and the need for organizations to adopt tools and processes to identify tampering and malicious features in their development pipeline.

via The Hacker News|

#firmware-security-vulnerability #linux #open-source-software

cybersecurity1 year ago•7 min saved

"Uncovering the Linux xz Utils Backdoor: A Supply Chain Hack Alert"

A backdoor was discovered in xz Utils, a widely used data compression utility in Linux and Unix-like systems, allowing unauthorized access with root privileges through SSH. The backdoor was nearly merged into major Linux distributions, and its creator, Jia Tan, has a mysterious online presence. The attack involved years of planning and manipulation of open-source projects, and the malicious code was designed to be stealthy and targeted specific system configurations. Multiple researchers have analyzed the backdoor's components, and the incident serves as a cautionary tale for the security of open-source software supply chains.

via Ars Technica|

#backdoor #cybersecurity #linux

cybersecurity1 year ago•10 min saved

"Years-Long Hacking Plot Uncovered: Critical Backdoor Found in Popular Linux Utility"

The widely used file compression software "xz utils" has been found to contain a cleverly embedded backdoor, allowing unauthorized access to shell login connections. The backdoor was discovered in versions 5.6.0 and 5.6.1, added by a GitHub user named "Jia Tan." The malicious code made its way into various Linux distributions and third-party package managers, posing a significant security risk to internet-enabled devices. The discovery has raised concerns about the security of open-source software and the potential for malicious code to be injected during the compiling process.

via Unicorn Riot|

#backdoor #cybersecurity #hacking

technologysecurity1 year ago•2 min saved

"Warning: XZ Utils Backdoor Threatens Linux Security"

RedHat issued an urgent security alert after discovering a backdoor in XZ Utils versions 5.6.0 and 5.6.1, impacting major Linux distributions. The malicious code, with a maximum severity CVSS score, allows unauthorized remote access and interferes with the sshd daemon process. The compromised packages are present in Fedora 41 and Fedora Rawhide, prompting recommendations for users to downgrade to a safe version. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has advised users to downgrade XZ Utils to an uncompromised version.

via The Hacker News|

#cybersecurity #linux #redhat

cybersecurity1 year ago•2 min saved

"Security Alert: Malicious Backdoor Discovered in XZ Utils for Linux"

Red Hat issued an urgent security alert warning of malicious code embedded in certain versions of XZ Utils, impacting certain Fedora Linux distribution versions and potentially allowing unauthorized access to systems. The affected versions are 5.6.0 and 5.6.1, present in Fedora 41 and Fedora Rawhide. Red Hat advised users to stop using Fedora Rawhide instances and downgrade to a safe version. No versions of Red Hat Enterprise Linux are affected, but other distributions like Debian unstable may also be impacted. CISA recommended downgrading XZ Utils to a safe version and hunting for any malicious activity.

via Duo Security|

#cisa #cybersecurity #linux

cybersecurity1 year ago•4 min saved

Critical Backdoor Discovered in XZ Utilities Compromises Linux Security

Malicious code was discovered in the widely used xz Utils compression tool, affecting versions 5.6.0 and 5.6.1, which made its way into beta releases of major Linux distributions, including Red Hat and Debian. The backdoor was designed to break SSH authentication, potentially allowing unauthorized access to systems. While the malicious versions were caught before being added to production releases, users are advised to check with their distributors to determine if their systems are affected.

via Ars Technica|

#backdoor #cybersecurity #linux

technology1 year ago•3 min saved

"Critical Backdoor Alert: XZ Utilities Compromise Linux Distros"

A backdoor vulnerability (CVE-2024-3094) has been found in XZ Utils, the XZ format compression utilities included in many Linux distributions, allowing unauthorized access to the entire system remotely. The malicious code was discovered in versions 5.6.0 and 5.6.1 of the xz libraries, affecting various Linux distros. Red Hat, SUSE, and Debian have released fixes, while CISA has advised downgrading to uncompromised versions and monitoring for malicious activity. Kali Linux users are urged to apply the latest updates to address the issue.

via Help Net Security|

#cve-2024-3094 #linux #security

technology1 year ago•2 min saved

"Linux Supply Chain Hack: Red Hat Warns of Critical XZ Utils Backdoor"

Red Hat has warned users to stop using systems running Fedora development and experimental versions due to a backdoor found in the latest XZ Utils data compression tools and libraries. The backdoor, present in XZ versions 5.6.0 and 5.6.1, could potentially enable unauthorized access to systems running affected versions. Red Hat has reverted to 5.4.x versions of XZ in Fedora 40 beta and is tracking the issue as CVE-2024-3094 with a critical severity score. Users are advised to downgrade to an uncompromised XZ version and to monitor their systems for any malicious activity.

via BleepingComputer|

#backdoor #linux #red-hat

cybersecurity1 year ago•0 min saved

"Critical Backdoor Compromise in XZ Utils Library Affects Linux Distributions"

CISA and the open source community are addressing reports of malicious code found in XZ Utils versions 5.6.0 and 5.6.1, potentially allowing unauthorized access to affected systems. Users are advised to downgrade to a secure version, such as XZ Utils 5.4.6 Stable, and to report any suspicious activity to CISA.

via CISA|

#cisa #cve-2024-3094 #cybersecurity