SEARCH
3 Things We Still Don’t Know About the XZ Backdoor
The XZ Utils backdoor was a very subtle operation that took several years to pull off, and while some of the technical details are known, there is plenty we still don't know. Dennis Fisher and Lindsey O'Donnell-Welch talk about the unknowns and what if anything could have been done to prevent this from happening.
Ivanti Patches New Flaws as Exploits Continue Against Older Ones
Ivanti has released patches for four new vulnerabilities in its Connect Secure and Policy Secure appliances, as Mandiant said it has seen eight separate groups exploiting some older flaws in those devices.
New Malware Emerges With IcedID Links
Researchers believe that the new malware, likely created by IcedID developers, will become increasingly used by threat actors across the landscape.
Post-Disruption, LockBit’s Reputational Damage Key
Law enforcement efforts to sow distrust and hit LockBit’s brand have had arguably the biggest impact on undermining the ransomware-as-a-service model behind the group.
Carefully Crafted Campaign Led to XZ Utils Backdoor
The person or people that implanted malicious code into XZ Utils put time and effort into building trust in the open source software ecosystem.