Lucene search
K

39 matches found

securelist
securelist
added 2024/09/03 8:0 a.m.46 views

IT threat evolution Q2 2024

Targeted attacks XZ backdoor: a supply chain attack in the making On March 29, a message on the Openwall oss-security mailing list announced the discovery of a backdoor in XZ, a compression utility included in many popular Linux distributions. The backdoored library is used by the OpenSSH server...

10CVSS9.5AI score0.85974EPSS
Exploits42
securelist
securelist
added 2024/08/13 12:0 p.m.40 views

APT trends report Q2 2024

For over six years now, Kasperskys Global Research and Analysis Team GReAT has been sharing quarterly updates on advanced persistent threats APTs. These summaries draw on our threat intelligence research, offering a representative overview of what weve published and discussed in more detail in ou...

10CVSS8.2AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/06/11 2:19 p.m.282 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 Basic POC to test CVE-2024-3094 vulnerability in...

10CVSS10AI score0.85974EPSS
Exploits40
rosalinux
rosalinux
added 2024/04/23 12:23 p.m.70 views

Advisory ROSA-SA-2024-2409

Software: xz 5.2.2 OS: rosa-server79 packageevrstring: xz-5.2.2.2-2 CVE-ID: CVE-2024-3094 BDU-ID: 2024-02406 CVE-Crit: CRITICAL. CVE-DESC.: Malicious code was discovered in xz source archives starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts...

10CVSS9.6AI score0.85974EPSS
Exploits40
securelist
securelist
added 2024/04/12 8:0 a.m.67 views

XZ backdoor story – Initial analysis

On March 29, 2024, a single message on the Openwall OSS-security mailing list marked an important discovery for the information security, open source and Linux communities: the discovery of a malicious backdoor in XZ. XZ is a compression utility integrated into many popular distributions of Linux...

7.5CVSS9.3AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/04 6:40 a.m.311 views

Exploit for Embedded Malicious Code in Tukaani Xz

How to detect the CVE-2024-3094 I'll walk through the step-by...

10CVSS9.9AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/03 10:19 p.m.251 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 Checker The CVE-2024-3094 Checker is a powerful...

10CVSS9.8AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/03 7:10 p.m.271 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094-Checker The repository consists of a checker fil...

10CVSS10AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/03 1:9 p.m.203 views

Exploit for Embedded Malicious Code in Tukaani Xz

xz-backdoor-CVE-2024-3094-Check Verify if your installed versi...

10CVSS9.8AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/03 10:50 a.m.340 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 SSH Backdoor Container Env This is an environme...

10CVSS10AI score0.85974EPSS
Exploits40
arista
arista
added 2024/04/03 12:0 a.m.55 views

Security Advisory 0095

Security Advisory 0095 PDF Date: April 3, 2024 Revision | Date | Changes ---|---|--- 1.0 | April 3, 2024 | Initial release The CVE-ID tracking this issue: CVE-2024-3094 CVSSv3.1 Base Score: 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Description Arista Networks is providing this security...

10CVSS9.4AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/02 8:17 p.m.284 views

Exploit for Embedded Malicious Code in Tukaani Xz

apocalypxze: xz backdoor 2024 AKA CVE-2024-3094 related links...

10CVSS9.9AI score0.85974EPSS
Exploits40
thn
thn
added 2024/04/02 1:18 p.m.78 views

Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution

The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 CVSS score: 10.0, came...

10CVSS10AI score0.85974EPSS
Exploits40
hackread
hackread
added 2024/04/01 11:17 p.m.35 views

Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)

By Waqas Critical Backdoor Alert! Patch XZ Utils Now CVE-2024-3094 & Secure Your Linux System. Learn how a hidden backdoor… This is a post from HackRead.com Read the original post: Backdoor Discovered in XZ Utils: Patch Your Systems Now CVE-2024-3094...

7.5CVSS6.9AI score0.85974EPSS
Exploits40
paloalto
paloalto
added 2024/04/01 7:30 p.m.34 views

Informational: Impact of Malicious Code in XZ Tools and Libraries (CVE-2024-3094)

The Palo Alto Networks Product Security Assurance team has evaluated the supply chain compromise impacting versions 5.6.0 and 5.6.1 of XZ tools and libraries. These versions of the software may allow unauthorized access to affected systems. Based on the information presently known, Palo Alto...

10CVSS6.7AI score0.85974EPSS
Exploits40References1
rapid7blog
rapid7blog
added 2024/04/01 5:13 p.m.73 views

Backdoored XZ Utils (CVE-2024-3094)

On Friday, March 29, after investigating anomalous behavior in his Debian sid environment, developer Andres Freund contacted an open-source security mailing list to share that he had discovered an upstream backdoor in widely used command line tool XZ Utils liblzma. The backdoor, added by an...

7.5CVSS9.8AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/01 3:15 p.m.337 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 CVE-2024-3094 checker - Golang Ps.: This versio...

10CVSS9.9AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/01 12:41 p.m.269 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094 I've moved my notes in Obsidian to a separate v...

10CVSS9.9AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/01 9:5 a.m.236 views

Exploit for Embedded Malicious Code in Tukaani Xz

CVE-2024-3094-info - https://github.com/lockness-Ko/xz-vulner...

10CVSS10AI score0.85974EPSS
Exploits40
githubexploit
githubexploit
added 2024/04/01 1:56 a.m.309 views

Exploit for Embedded Malicious Code in Tukaani Xz

Vulnerability Overview XZ is a data compression format that e...

10CVSS7.5AI score0.85974EPSS
Exploits40
Rows per page
Query Builder