Blog Post

The Human Connection Blog
1 MIN READ

New Cyber Threat Intelligence Lab release!

BenMcCarthy's avatar
BenMcCarthy
Icon for Immerser rankImmerser
12 months ago

Today we have a brand new set of labs related to CVE-2024-3094 (xz) – Supply Chain Compromise

n late March 2024, a critical backdoor (CVE-2024-3094) was found in the popular Linux open-source library 'xz.' This vulnerability affects various tools utilizing the library, including SSH. With a CVSS score of 10.0, this represents a critical issue in the open-source software supply chain.

In this lab, you'll analyze the vulnerable library distribution and extract indicators of compromise. 

Who is it for?

  • Incident responders
  • SOC analyst

What are the key takeaways?

  • Understand the mechanism used by the vulnerable library to deliver the backdoor binary file
  • Identify methods to detect vulnerable versions in production environments

Cyber Pro licensed users can access the new collection here.

Published 12 months ago
Version 1.0
content updates
cyber pro
cyber threat intelligence
BenMcCarthy's avatar
Icon for Immerser rankImmerser
Lead Cyber Security Engineer. I lead the team that releases the content for the CTI part of the platform! Latest CVEs, malware threats and emerging threats all within 24 hours.
View Profile
The Human Connection Blog
Learn from our passionate experts on a wide range of subjects from Cyber Threat Research to maximizing value with Immersive, plus, hear from our outstanding customers who are keen to share their experiences.
No CommentsBe the first to comment