🔓
Attacks & Vulnerabilities
Backdoor in xz/liblzma leading to SSH Compromise (4 minute read)
A backdoor was found in the xz/liblzma compression library, impacting Linux systems using specific OpenSSH builds. It was submitted to the project by a core developer with years of legitimate contributions. The backdoor was discovered by a user who noticed a new memory leak in the project.
AT&T confirms data breach and resets millions of customer passcodes (2 minute read)
AT&T confirmed a massive data breach impacting over 7.6 million current and 65 million former customers. The leaked information included personal details like names, emails, addresses, phone numbers, social security numbers, dates of birth, and account credentials. The company has reset affected customers' passcodes and is notifying impacted individuals.
Vulnerability Management Lifecycle in DevSecOps (10 minute read)
This blog post discusses the vulnerability management lifecycle in DevSecOps, focusing on three key stages: identification, observability, and management. The goal is to empower engineering teams to prioritize and address security risks within their digital products through technology-driven processes. The post emphasizes the importance of integrating security practices into software development to ensure a secure-by-design approach.
Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu (16 minute read)
This blog post from Exodus Intel explains CVE-2024-0582, a use-after-free vulnerability in io_uring in the Linux kernel. The vulnerability occurs when an application registers and later unregisters a provided buffer ring with a specific flag, leading to memory issues. The post details how the vulnerability is exploited and describes a data-only exploit strategy.
DinodasRAT Linux variant targets users worldwide (3 minute read)
Researchers from Kaspersky have warned that a Linux variant of the DinodasRAT backdoor is being used in attacks against users in China, Taiwan, Turkey, and Uzbekistan. They found that it gathers sensitive data and provides complete control over infected machines. The backdoor uses encryption functions and primarily focuses on gaining access to Linux servers for espionage purposes.