Found 4 bookmarks
Newest
XZ Utils Supply Chain Puzzle: Binarly Ships Free Scanner for CVE-2024-3094 Backdoor
XZ Utils Supply Chain Puzzle: Binarly Ships Free Scanner for CVE-2024-3094 Backdoor
On March 29, right before Easter weekend, we received notifications about something unusual happening with the open-source project XZ Utils, which provides lossless data compression on virtually all Unix-like operating systems, including Linux. The initial warning was sent to the Open Source Security mailing list sent by Andres Freund, who discovered that XZ Utils versions 5.6.0 and 5.6.1 are impacted by a backdoor. A few hours later, the US government’s CISA and OpenSSF warned about a critical problem: an installed XZ backdoored version could lead to unauthorized remote access.
#binarly#EN#2024#XZ#Supply-chain-attack#CVE-2024-3094#Scanner
·binarly.io·
XZ Utils Supply Chain Puzzle: Binarly Ships Free Scanner for CVE-2024-3094 Backdoor
Leaked Intel Boot Guard keys:What happened? How does it affect the software supply chain?
Leaked Intel Boot Guard keys:What happened? How does it affect the software supply chain?
Binarly is the world's most advanced automated firmware supply chain security platform. Using cutting-edge machine-learning techniques, Binary identifies both known and unknown vulnerabilities, misconfigurations, and malicious code in firmware and hardware components.
#binarly#EN#2023#MSI#BootGuard#Leaked#Intel#supplychain
·binarly.io·
Leaked Intel Boot Guard keys:What happened? How does it affect the software supply chain?