XZ Utils Backdoor
In February 2024, a malicious backdoor was introduced into the Linux build of the xz utility, inside the liblzma library, in versions 5.6.0 and 5.6.1, by an account using the name "Jia Tan". The backdoor gives an attacker who possesses a specific Ed448 private key remote code execution through OpenSSH on the affected Linux system. The issue has been assigned a Common Vulnerabilities and Exposures (CVE) identifier and a Common Vulnerability Scoring System (CVSS) score of 10.0, the highest possible score. While xz is present in most Linux distributions, at the time of discovery the backdoored version had not yet been widely deployed to production systems, but it was present in development versions of major distributions. The backdoor was discovered by the software developer Andres Freund, who announced his findings on 29 March 2024. Background: Microsoft employee and PostgreSQL d ...
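As an added local check that is not part of the encyclopedia text above (and not code from the xz project or its reporters): the script below flags the two affected XZ Utils releases named above and reports whether the local sshd loads liblzma, which on many distributions happens indirectly through libsystemd and is how the backdoor reached OpenSSH. The helper functions take command output as strings so they can be exercised on the constructed sample texts embedded in the script; the `--live` switch runs the same checks against the host. The sample `xz --version` and `ldd` outputs, and the fallback path `/usr/sbin/sshd`, are assumptions for illustration. A clean version string is only a first check: it confirms the preconditions are absent, not that a given binary is free of the injected code, so also compare against your distribution's advisory.

```shell
#!/bin/sh
# Added example, not from the article: checks the XZ Utils backdoor's
# preconditions (liblzma 5.6.0/5.6.1, and an sshd that loads liblzma).
# It does not detect the backdoor's injected code itself.

# Constructed sample outputs (not captured from a real host).
SAMPLE_XZ_VERSION="xz (XZ Utils) 5.6.1
liblzma 5.6.1"
SAMPLE_LDD="    linux-vdso.so.1 (0x00007ffd00000001)
    libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f0000000002)
    liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f0000000003)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0000000004)"

# True (exit 0) when the `xz --version` text in $1 reports 5.6.0 or 5.6.1.
xz_version_affected() {
    ver=$(printf '%s\n' "$1" | sed -n 's/^xz (XZ Utils) \([0-9][0-9.]*\).*/\1/p' | head -n 1)
    case "$ver" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

# True when the `ldd sshd` text in $1 lists liblzma (directly or via libsystemd).
sshd_links_liblzma() {
    printf '%s\n' "$1" | grep -q 'liblzma\.so'
}

# Prints the resolved liblzma path from the `ldd` text in $1 (first match), or nothing.
liblzma_path_from_ldd() {
    printf '%s\n' "$1" | sed -n 's/.*liblzma\.so[^ ]* => \([^ ]*\).*/\1/p' | head -n 1
}

# True when a fully resolved library filename such as
# /usr/lib/x86_64-linux-gnu/liblzma.so.5.6.1 carries an affected version suffix.
liblzma_file_affected() {
    v=$(printf '%s\n' "$1" | sed -n 's/.*liblzma\.so\.\([0-9][0-9.]*\)$/\1/p')
    case "$v" in
        5.6.0|5.6.1) return 0 ;;
        *) return 1 ;;
    esac
}

if [ "${1:-}" = "--live" ]; then
    # Live mode: run the same checks against this host.
    if command -v xz >/dev/null 2>&1 && xz_version_affected "$(xz --version 2>/dev/null)"; then
        echo "WARNING: installed xz reports an affected version (5.6.0 or 5.6.1)"
    fi
    sshd_path=$(command -v sshd 2>/dev/null || echo /usr/sbin/sshd)   # assumed fallback path
    if [ -x "$sshd_path" ]; then
        ldd_out=$(ldd "$sshd_path" 2>/dev/null || true)
        if sshd_links_liblzma "$ldd_out"; then
            lib=$(liblzma_path_from_ldd "$ldd_out")
            real=$(readlink -f "$lib" 2>/dev/null || echo "$lib")   # follow the soname symlink
            echo "NOTE: $sshd_path loads liblzma at $real"
            if liblzma_file_affected "$real"; then
                echo "WARNING: that liblzma carries an affected version suffix"
            fi
        else
            echo "OK: $sshd_path does not load liblzma"
        fi
    fi
else
    # Default mode: exercise the checks on the constructed samples above.
    xz_version_affected "$SAMPLE_XZ_VERSION" && echo "sample xz: affected version"
    sshd_links_liblzma "$SAMPLE_LDD" && echo "sample sshd: loads $(liblzma_path_from_ldd "$SAMPLE_LDD")"
fi
```

Run it with no arguments to see the checks applied to the embedded samples, or with `--live` on a host you administer. The version suffix is read from the resolved filename because `ldd` only prints the soname (`liblzma.so.5`), which does not change between minor releases.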

XZ Utils
XZ Utils (previously LZMA Utils) is a set of free software command-line lossless data compressors, including the programs lzma and xz, for Unix-like operating systems and, from version 5.0 onwards, Microsoft Windows. For compression and decompression the Lempel–Ziv–Markov chain algorithm (LZMA) is used. XZ Utils started as a Unix port of Igor Pavlov's LZMA SDK, adapted to fit seamlessly into Unix environments and their usual structure and behavior. Features: XZ Utils can compress and decompress the xz and lzma file formats. Since the LZMA format is considered legacy, XZ Utils compresses to xz by default. Decompression of the .lz format used by lzip is also supported since version 5.3.4. In most cases, xz achieves higher compression ratios than alternatives such as zip, gzip and bzip2. Decompression is faster than bzip2 but slower than gzip. Compression can be much slower than gzip, and is slower than bzip2 at high levels of comp ...

Systemd
systemd is a software suite that provides an array of system components for Linux operating systems. Its main aim is to unify service configuration and behavior across Linux distributions. Its primary component is a "system and service manager", an init system used to bootstrap user space and manage user processes. It also provides replacements for various daemons and utilities, including device management, login management, network connection management, and event logging. The name systemd follows the Unix convention of naming daemons by appending the letter d. It also plays on the term "System D", which refers to a person's ability to adapt quickly and improvise to solve problems. Since 2015, the majority of Linux distributions have adopted systemd, replacing other init systems such as SysV init. It has been praised by developers and users of distributions that adopted it for providing a stable, ...

Glibc
The GNU C Library, commonly known as glibc, is the GNU Project's implementation of the C standard library. It provides a wrapper around the system calls of the Linux kernel and other kernels for application use. Despite its name, it now also directly supports C++ (and, indirectly, other programming languages). It was started in the 1980s by the Free Software Foundation (FSF) for the GNU operating system. glibc is free software released under the GNU Lesser General Public License. The GNU C Library project provides the core libraries for the GNU system, as well as for many systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD and OS-specific APIs, among others. These APIs include such foundational facilities as open, read, write, malloc, printf, getaddrin ...

Git Repository
Git is a distributed version control system that tracks versions of files. It is often used to control source code by programmers who are developing software collaboratively. Design goals of Git include speed, data integrity, and support for distributed, non-linear workflows: thousands of parallel branches running on different computers. "So I'm writing some scripts to try to track things a whole lot faster." As with most other distributed version control systems, and unlike most client–server systems, Git maintains a local copy of the entire repository (also known as a "repo"), with history and version-tracking abilities, independent of network access or a central server. A repository is stored on each computer in a standard directory with additional, hidden files that provide the version control capabilities. Git provides features to synchronize changes between repositories that share history, having been copied (cloned) from each other. For collaboration, Git supports synchro ...

Remote Access Service
A remote access service (RAS) is any combination of hardware and software that enables remote access to tools or information that typically reside on a network of IT devices. A remote access service connects a client to a host computer, known as a remote access server. The most common form of this service is remote control of a computer from another device over the internet or another network connection. The connection steps are: the user dials into a PC at the office; the office PC logs into a file server where the needed information is stored; the remote PC then takes control of the office PC's monitor and keyboard, allowing the remote user to view and manipulate information, execute commands, and exchange files. Many computer manufacturers and large businesses' help desks use this service widely for technical troubleshooting of their customers' problems, so a variety of professional first-party, third-party, open source, and freeware remote desktop ap ...

Authentication Protocol
An authentication protocol is a type of computer communications protocol or cryptographic protocol specifically designed for the transfer of authentication data between two entities. It allows the receiving entity to authenticate the connecting entity (e.g. a client connecting to a server) and, where required, to authenticate itself to the connecting entity (the server to the client), by specifying the kind of information needed for authentication as well as its syntax. It is a foundational layer of protection for secure communication within computer networks. Purpose: with the increasing amount of sensitive information accessible over networks, the need to keep unauthorized persons from accessing this data emerged. Claiming someone else's identity is easy in the computing world, so verification methods had to be devised to determine whether the person or computer requesting data is really who it claims to be. The task of the authentication protocol is to specify the exact series of steps n ...

Exploit (computer Security)
An exploit is a method or piece of code that takes advantage of vulnerabilities in software, applications, networks, operating systems, or hardware, typically for malicious purposes. The term "exploit" derives from the English verb "to exploit", meaning "to use something to one's own advantage". Exploits are designed to identify flaws, bypass security measures, gain unauthorized access to systems, take control of systems, install malware, or steal sensitive data. While an exploit by itself may not be malware, it serves as a vehicle for delivering malicious software by breaching security controls. Researchers estimate that malicious exploits cost the global economy over US$450 billion annually. In response to this threat, organizations are increasingly using cyber threat intelligence to identify vulnerabilities and prevent attacks before they occur. Description: Expl ...

Foreign Intelligence Service (Russia)
The Foreign Intelligence Service (SVR) is the civilian foreign intelligence agency of Russia. The SVR succeeded the First Chief Directorate of the KGB in December 1991 (Jonathan Littell, The Security Organs of the Russian Federation: A Brief History 1991–2004, Psan Publishing House, 2006). The SVR has its headquarters in the Yasenevo District of Moscow, with its director reporting directly to the President of the Russian Federation. Unlike the Russian Federal Security Service (FSB), the SVR is tasked with intelligence and espionage activities outside the Russian Federation. A small service, it works collaboratively with its military intelligence counterpart, the Main Intelligence Directorate, better known as the GRU. As of 1997, the GRU reportedly deployed six times as many spies in foreign countries as the SVR. The SVR is authorized to negotiate intelligence-sharing arrangements with foreign governments, particularly on matters of counterterrorism, and is tasked with pr ...

Russia
Russia, or the Russian Federation, is a country spanning Eastern Europe and North Asia. It is the largest country in the world, extends across eleven time zones, and shares land borders with fourteen countries. Russia is the most populous country in Europe and the ninth-most populous country in the world. It is a highly urbanised country, with sixteen of its urban areas having more than 1 million inhabitants. Moscow, the most populous metropolitan area in Europe, is the capital and largest city of Russia, while Saint Petersburg is its second-largest city and cultural centre. Human settlement on the territory of modern Russia dates back to the ...

Advanced Persistent Threat
An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals. Such threat actors' motivations are typically political or economic. Every major business sector has recorded instances of cyberattacks by advanced actors with specific goals, whether to steal, spy, or disrupt. These targeted sectors include government, defense, financial services, legal services, industrial, telecoms, consumer goods and many more. Some groups utilize traditional espionage vectors, including social engineering, human intelligence and infil ...

APT29
Cozy Bear is a Russian advanced persistent threat hacker group believed by United States intelligence agencies and those of allied countries to be associated with Russian foreign intelligence. The Dutch General Intelligence and Security Service (AIVD) and American intelligence had been monitoring the group since 2014 and were able to link it to the Russian foreign intelligence agency (SVR) after compromising security cameras in its office. CrowdStrike and Estonian intelligence reported a tentative link to the Russian Federal Security Service (FSB). Various organizations designate it CozyCar, CozyDuke, Dark Halo, The Dukes, Midnight Blizzard, NOBELIUM, Office Monkeys, StellarParticle and UNC2452, with a tentative connection to the Russian hacker group YTTRIUM. Symantec reported that Cozy Bear had been compromising diplomatic organizations and national governments since at least 2010. Der Spiegel published documents in 2023 purporting to link the Russian IT firm NTC Vulkan to Cozy Bear ope ...

Dave Aitel
Dave Aitel (born 1976) is a computer security professional. He joined the NSA as a research scientist at age 18, where he worked for six years before being employed as a consultant at @stake for three years. In 2002 he founded a security software company, Immunity, where he was the CTO (Immunity company information, retrieved July 8, 2007) until December 31, 2020. Aitel co-authored several books:
* The Hacker's Handbook: The Strategy Behind Breaking into and Defending Networks
* The Shellcoder's Handbook
* Beginning Python
He has also written several security tools:
* SPIKE, a block-based fuzzer
* SPIKE Proxy, a man-in-the-middle web application assessment tool
* Unmask, a tool that performs statistical analysis on text to determine authorship
Dave Aitel is an infrequent guest on the Fox News Channel, where he provides commentary on information security. Information security is the practice of protecting information by mitigating information risks. It is part of information r ...