Eyal Itkin (@eyalitkin)'s Twitter Profile

(Former) Vulnerability researcher. Tweets are my own.

ID: 936921400803127297

https://eyalitkin.wordpress.com · 02-12-2017 11:34:03

859 Tweets

3.3K Followers

128 Following

quarkslab (@quarkslab)

Is remote code execution in UEFI firmware possible? Yes it is. Meet #PixieFAIL: 9 vulnerabilities in the IPv6 stack of EDK II, the open source UEFI implementation used by billions of computers. Full details by Francisco Falcon and iarce in our new blog post: blog.quarkslab.com/pixiefail-nine…

Check Point Research (@_cpresearch_)

Today, we're disclosing an overlooked, wide-impact bug/attack vector affecting the Windows/COM ecosystem, dubbed #MonikerLink. In Outlook, the bug's impact is far and wide: from leaking NTLM creds to RCE. The same issue may exist in other software, too. research.checkpoint.com/2024/the-risks…

badidea 🪐 (@0xabad1dea)

🚨 breaking radio silence to deliver a critical warning: the xz upstream tarballs have been backdoored for one month. This is a five alarm fire for everyone who uses Linux. openwall.com/lists/oss-secu… boehs.org/node/everythin…

HaxRob (@haxrob)

Andres Freund, the principal software engineer at Microsoft who discovered the xz backdoor really does deserve a big pat on the back. 👏 The outcome could have been much, much worse.

The Hacker News (@thehackersnews)

🛑 URGENT SECURITY ALERT! Secret backdoor found in XZ Utils compression library used by major #Linux distros, like Fedora, Kali Linux, and openSUSE. Attackers could breach SSH and take control of systems. thehackernews.com/2024/03/urgent… Update and review your systems immediately.

vx-underground (@vxunderground)

The xz situation is absolutely insane and almost certainly state sponsored. This is an excellent example of a widely used software being maintained by basically one person. Read this web article and then frown and become sad. boehs.org/node/everythin…

Anthony Weems (@amlweems)

I've been reverse engineering the xz backdoor this weekend and have documented the payload format and written a proof-of-concept exploit for the RCE. The payloads are signed with an ED448 key, so I patched my own key into the backdoor for testing. :-) github.com/amlweems/xzbot

Oligo Security (@oligosecurity)

🚨 #OligoADR's tech was ready to detect CVE-2024-3094 #XZ exploitation attempts from day one. This early detection, detailed in our recent blog, showcases our advanced, library-level profiling in action—no additional rules required. Learn how: oligo.security/blog/detecting…

BlueHat IL (@bluehatil)

The remarkable Ivan Kwiatkowski guided us through a deep dive into the intricate relationships between commercial cyber actors and governmental agendas, revealed thanks to the massive I-Soon leak.

BlueHat IL (@bluehatil)

Who were the Iranian cyber groups attempting to disrupt the municipal elections in Israel? What were their tools and techniques, and how is Albania connected to the whole story? Israel Gubi & Amitai Ben Shushan Ehrlich held all the answers in their captivating talk.

sagitz (@sagitz_)

We discovered that by uploading a malicious AI model to @Replicate, a leading AI-as-a-Service platform, we could read and modify prompts of other customers 🤯 Here is exactly how we did it 🧵⬇️
