Anthony Weems (@amlweems)

I've been reverse engineering the xz backdoor this weekend and have documented the payload format and written a proof-of-concept exploit for the RCE. The payloads are signed with an ED448 key, so I patched my own key into the backdoor for testing. :-)

github.com/amlweems/xzbot

BINARLY🔬 (@binarly_io)

Fresh from Binarly REsearch team: We’ve completed an in-depth analysis of the #XZbackdoor, from initialization to the main hook enabling remote access. 

Dive into our validated breakdown of techniques and backdoor functionalities, complete with proofs.  
github.com/binarly-io/bin…

Adam C.H. (@adamcohenhillel)

XZ backdoor is a reminder to show our support (emotionally and $$$) to the small open source projects we are all using, that are maintained by solo people...

Check the packages you use in your project, find the maintainers' GitHub, and drop a kind word/send them money! (even $5)

Kaspersky (@kaspersky)

Part two of our analysis of the #XZbackdoor reveals a dual-layered strategy employed by attackers, combining social engineering with advanced technical exploitation to compromise the integrity of XZ Utils.

Full report ⇒ kas.pr/w27p #CyberSecurity

Marcin Madey (@MarcinMadey)

In the April #SUSENews we invite you to free online workshops on managing and securing #Kubernetes and containerized applications. We are publishing recordings of the sessions from #OpenSourceDay. We write about how to protect yourself against the XZ Backdoor CVE-2024-3094.

👉Check it out: okt.to/mo9ODj

Rıdvan Yağlı (@ridvanyagli)

🔥 About the XZ Backdoor / Linux Security Vulnerability CVE-2024-3094

- When an engineer named Andres Freund recently noticed that SSH logins on a Debian system were consuming too much CPU, he started monitoring / examining the operating system, and thanks to his attentiveness this…

Alexandre Borges (@ale_sp_brazil)

I have read excellent discussions about XZ backdoor (CVE-2024-3094: nvd.nist.gov/vuln/detail/CV… - Base Score: 10.0 CRITICAL), but one pending question is: whoever has done it, was it a one-off effort or were multiple other open source projects compromised?

#xzbackdoor #cve

Felipe O. Carvalho (@_Felipe)

It's been a while. I wrote a blog post instead of writing a thread here. I hope you're not tired of xz backdoor discourse yet.

Ryan M. Montgomery (@0dayCTF)

CVE-2024-1086 (Local Privilege Escalation) 
-
While the xz backdoor was all over the place, this incredible exploit seemed to 'slip' by!
-
This is working on most Linux kernels from 5.14 to v6.6
-
Repo: github.com/Notselwyn/CVE-…
-
Creator: @notselwyn

FOSS United | Mumbai (@MumbaiFOSS)

We're just one day away from the second edition of FOSS Conference in Mumbai! Here's the schedule we've planned for the day!

We have a great line up of speakers with a special panel discussion inspired from the XZ Backdoor Story!

Very much excited to see you folks!

Marcel Kolaja (@PiratKolaja)

The recent xz backdoor discovery has again demonstrated that this xkcd comic is a sad reality.

It must be a top priority of the next digital Commissioner to strengthen the world's infrastructure by increasing the support for Free and Open Source Software.

Dharam Juggath (@DJuggath)

In the April #SUSENews we invite you to free online workshops on managing and securing #Kubernetes and containerized applications. We are publishing recordings of the sessions from #OpenSourceDay. We write about how to protect yourself against the XZ Backdoor CVE-2024-3094.

👉Check it out: okt.to/JkrV2T