Risky Business

Risky Business #743 -- A chat about the xz backdoor with the guy who found it

Listen Later

On this week’s show Patrick and Adam discuss the week’s security news, including:

  • The SSH backdoor that dreams (or nightmares) are made of
  • Microsoft gets a solid spanking from the CSRB
  • Ukraine uses an old Russian WinRAR bug to hack Russia
  • Push-notifications and social-engineering combined-arms vs Apple
  • And much, much more.

    • We have a special guest in this week’s show, Andres Freund, the Postgres developer who discovered the backdoor in the xz Linux compression library.

    This week’s show is brought to you by Island, a company that makes a security-focussed enterprise browser. Island’s Bradon Rogers is this week’s sponsor guest and he’ll be joining us to talk about how people are swapping out their Virtual Desktop Infrastructure for enterprise-focussed browsers like theirs.

    Show notes
    • Risky Biz News: Supply chain attack in Linuxland
    • oss-security - Re: backdoor in upstream xz/liblzma leading to ssh server compromise
    • Andres Freund (Tech) on X: "@binitamshah FWIW, I didn't actually start looking due to the 500ms - I started looking when I saw failing ssh logins (by the usual automated attempts trying random user/password combinations) using a substantial amount of CPU. Only after that I noticed the slower logins." / X
    • Andres Freund (Tech) on X: "@riskybusiness Absurdly enough, I was listening to the episode on a cooking break while writing the xz issue up. Couldn't make it up." / X
    • GitHub - amlweems/xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
    • research!rsc: The xz attack shell script
    • DHS report rips Microsoft for ‘cascade’ of errors in China hack - The Washington Post
    • Review of the Summer 2023 Microsoft Exchange Online Intrusion
    • Russian researchers say espionage operation using WinRAR bug is linked to Ukraine
    • Recent ‘MFA Bombing’ Attacks Targeting Apple Users – Krebs on Security
    • Ransomware gang leaks stolen Scottish healthcare patient data in extortion bid
    • Ross Anderson, professor and famed author of ‘Security Engineering,’ passes away
      • ...more
      View all episodesView all episodes
      Download on the App Store
      Risky BusinessBy Patrick Gray
      • 4.6
      • 4.6
      • 4.6
      • 4.6
      • 4.6

      4.6

      354 ratings

      More shows like Risky Business

      View all
      Security Now (Audio) by TWiT

      Security Now (Audio)

      1,970 Listeners

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

      SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

      626 Listeners

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

      Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

      366 Listeners

      Hacked by Hacked

      Hacked

      176 Listeners

      CyberWire Daily by N2K Networks

      CyberWire Daily

      1,006 Listeners

      Smashing Security by Graham Cluley & Carole Theriault

      Smashing Security

      312 Listeners

      Click Here by Recorded Future News

      Click Here

      408 Listeners

      Malicious Life by Malicious Life

      Malicious Life

      925 Listeners

      Darknet Diaries by Jack Rhysider

      Darknet Diaries

      7,871 Listeners

      Cybersecurity Today by Jim Love

      Cybersecurity Today

      166 Listeners

      CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

      CISO Series Podcast

      187 Listeners

      Hacking Humans by N2K Networks

      Hacking Humans

      314 Listeners

      Defense in Depth by David Spark, Steve Zalewski, Geoff Belknap

      Defense in Depth

      74 Listeners

      Cyber Security Headlines by CISO Series

      Cyber Security Headlines

      127 Listeners

      Risky Bulletin by risky.biz

      Risky Bulletin

      43 Listeners