tukaani News Articles
Recent news articles refferecing the vendors vulnerabilities.
KasperskyCVE-2024-3094CVE-2024-3094: malicious code in Linux distributions
Vulnerability CVE-2024-3094. The attackers implanted a backdoor into the compression utilities set XZ Utils versions 5.6.0 and 5.6.1.
The Hacker NewsCVE-2024-3094Leveraging Wazuh for Zero Trust security
Learn how Zero Trust security protects organizations by eliminating implicit trust, enabling continuous monitoring, and enhancing incident response
CVE-2024-3094 and XZ Upstream Supply Chain Attack | CrowdStrike
Learn about the CVE-2024-3094 and XZ Upstream Supply Chain Attack and how CrowdStrike is protecting its customers from exploitation.
Online xz utility backdoor scanning tool issued
Binarly has issued a free online tool that would facilitate scanning a newly discovered backdoor and maximum severity vulnerability in xz tools and libraries used by major Linux distributions, tracked as CVE-2024-3094, across Linux binaries amid significant security risks, according to Security Affa...
InfoSec Write-upsCve – InfoSec Write-ups
Read writing about Cve in InfoSec Write-ups. A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. Subscribe to our weekly newsletter for the coolest infosec updates: https://weekly...
Qualys Security BlogCVE-2024-3094XZ Utils SSHd Backdoor | Qualys Security Blog
On March 29th, 2024, security researcher Andres Freund discovered a backdoor in XZ Utils versions 5.6.0 and 5.6.1. Under certain conditions…
SentinelOneCVE-2024-3094XZ Utils Backdoor | Threat Actor Planned To Inject Further Vulnerabilities
Analysis suggests that CVE-2024-3094, a backdoor deliberately planted into XZ Utils, may have been only the first on the threat actor's agenda.
TaniumCVE-2024-3094CVE-2024-3094: XZ Utils Backdoor Threatens Linux Systems | Tanium
A malicious backdoor was recently discovered in a component of the open-source XZ Utils tool, posing a threat to some Linux systems. The vulnerability is currently being tracked as CVE-2024-3094. Most...
CrowdStrikeCVE-2024-3094CVE-2024-3094 and XZ Upstream Supply Chain Attack | CrowdStrike
Learn about the CVE-2024-3094 and XZ Upstream Supply Chain Attack and how CrowdStrike is protecting its customers from exploitation.
Information Security NewspaperCVE-2024-3094How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps
How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps - Data Security - Information Security Newspaper | Hacking News
Security AffairsCVE-2024-3094Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor
Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor
New XZ backdoor scanner detects implant in any Linux binary
Firmware security firm Binarly has released a free online scanner to detect Linux executables impacted by the XZ Utils supply chain attack, tracked as CVE-2024-3094.
The Hacker NewsCVE-2024-3094Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution
Popular Linux compression tool XZ Utils found with backdoor. Threat actors can remotely execute code on your machine, bypassing authentication.
thecyberthrone.inApril 2024 – TheCyberThrone
1 post published by PravinKarthik during April 2024
NeowinCVE-2024-3094Microsoft employee accidentally saves global Linux meltdown from CVE-2024-3094 XZ backdoor
A curious Microsoft employee has saved the world from a potential global meltdown as several Linux distros were found vulnerable to an XZ backdoor tracked under CVE-2024-3094 (CVSS score of 10.0).
The Cyber ExpressCVE-2024-3094XZ Utils Backdoor (CVE-2024-3094) Leads To SSH Compromise
The critical XZ Utils backdoor (CVE-2024-3094 vulnerability) impacts Linux systems, potentially granting unauthorized SSH access.
HackreadCVE-2024-3094Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
A vulnerability, CVE-2024-3094, was discovered in XZ Utils package. This vulnerability threatens Linux systems with backdoor attacks.
HackreadCVE-2024-3094Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
A vulnerability, CVE-2024-3094, was discovered in XZ Utils package. This vulnerability threatens Linux systems with backdoor attacks.
XZ Utils Backdoor Implanted in Intricate Supply Chain Attack
Had a researcher not spotted the malware when he did, the outcome could have been much worse.
SonatypeCVE-2024-3094CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma
Learn about a new, targeted backdoor supply chain attack against the popular XZ compression utility seen in many Linux distributions such as fedora and debian. Understand its impact, potential risks and what you can do about it.
CybersecurityNewsCVE-2024-3094Urgent Security Alert! Upstream Supply Chain Attack Lead to SSH Compromise
Fedora Linux 40 beta users have been urged to take immediate action after an Upstream supply chain attack that has compromised SSH protocol.
March 2024 – TheCyberThrone
8 posts published by PravinKarthik during March 2024
Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros
Secret backdoor found in XZ Utils compression library used by major Linux distros, like Fedora, Kali Linux, and openSUSE.
Are You Affected by the Backdoor in XZ Utils?
In this Tech Tip, we outline how to check if a system is impacted by the newly discovered backdoor in the open source xz compression utility.
Backdoor in utility commonly used by Linux distros risks SSH compromise
The critical supply chain threat affects beta releases of Red Hat Fedora, Debian and more.
wiz.ioCVE-2024-3094CVE-2024-3094: Critical RCE Vulnerability Found in XZ Utils | Wiz Blog
CVE-2024-3094 is a malicious code vulnerability in versions 5.6.0 and 5.6.1 of XZ Utils, enabling an SSH authentication bypass in certain Linux distributions
DataBreaches.netCVE-2024-3094CISA Alert: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094 - DataBreaches.net
CISA Alert of March 29, 2024: CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious c...
Help Net SecurityCVE-2024-3094Beware! Backdoor found in XZ utilities used by many Linux distros (CVE-2024-3094) - Help Net Security
A vulnerability (CVE-2024-3094) in XZ Utils may enable a malicious actor to gain unauthorized access to Linux systems remotely.
Red Hat warns of backdoor in XZ tools used by most Linux distros
Today, Red Hat warned users to immediately stop using systems running Fedora development and experimental versions because of a backdoor found in the latest XZ Utils data compression tools and libraries.