A possible supply chain breach leads to a backdoor…
One of the biggest in a while
Greetings, readers, from Hanoi - the home place of Pho.
Being in cybersecurity means you are not really off. I was not planning to publish an edition this week, but I guess long weekends and cybersecurity don’t go well with each other.
Our dev team brought to my notice a rather big vulnerability in XZ Utils (a zip utility in Linux). The utility gets loaded when you SSH into the system.
Read this for more detail:
https://thehackernews.com/2024/03/urgent-secret-backdoor-found-in-xz.html
I will do a detailed note next week. For now, please check if your Linux servers are vulnerable.
A couple of tips from my dev team: read this thread for a better understanding:
https://x.com/_ruby/status/1774073953440747664?s=46&t=LGpNMHnc3gc2WHTL7CR35A
Also, don’t check the version by running
xz -V
Instead, use
strings `which xz` | grep "(XZ Utils)"
This reads the version string out of the binary and will not execute the utility.
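The same static check wrapped as a small script, as an added example that is not from the original post or the dev team. The function names are hypothetical, and the versions to flag are passed in by the caller from the distro or vendor advisory, since this post does not list them.

```shell
#!/bin/sh
# Added example: read the xz version out of the binary without running it.
# Function names are hypothetical; versions to flag are supplied by the caller.

# Print the printable strings in FILE. Uses strings(1) as in the post and
# falls back to tr(1) when binutils is not installed.
printable_strings() {
    if command -v strings >/dev/null 2>&1; then
        strings "$1"
    else
        LC_ALL=C tr -c '[:print:]' '\n' < "$1"
    fi
}

# xz_static_version FILE: print the embedded version, or return 1 if none.
xz_static_version() {
    [ -r "$1" ] || return 1
    v=$(printable_strings "$1" |
        sed -n 's/.*(XZ Utils) \([0-9][0-9A-Za-z.]*\).*/\1/p' | head -n 1)
    [ -n "$v" ] || return 1
    printf '%s\n' "$v"
}

# version_is_listed VERSION LIST...: succeed if VERSION equals a list entry.
version_is_listed() {
    want=$1; shift
    for bad in "$@"; do
        if [ "$want" = "$bad" ]; then return 0; fi
    done
    return 1
}

# check_xz FILE LIST...: print a verdict.
# Returns 0 = not listed, 1 = listed, 2 = version could not be read.
check_xz() {
    file=$1; shift
    ver=$(xz_static_version "$file") || { echo "UNKNOWN $file"; return 2; }
    if version_is_listed "$ver" "$@"; then
        echo "LISTED $file $ver"
        return 1
    fi
    echo "OK $file $ver"
}

# Usage: sh check_xz.sh /usr/bin/xz <versions named in your distro advisory>
[ "$#" -eq 0 ] || check_xz "$@"
```

An UNKNOWN result means no version string was found in the file, so treat it as "not verified" rather than as safe.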
This is a quick and dirty post for readers to take quick action. Please do your research and implement fixes.