The Human Connection Blog
1 MIN READ
New Cyber Threat Intelligence Lab release!
BenMcCarthy
Immerser
12 months agoToday we have a brand new set of labs related to CVE-2024-3094 (xz) – Supply Chain Compromise
n late March 2024, a critical backdoor (CVE-2024-3094) was found in the popular Linux open-source library 'xz.' This vulnerability affects various tools utilizing the library, including SSH. With a CVSS score of 10.0, this represents a critical issue in the open-source software supply chain.
In this lab, you'll analyze the vulnerable library distribution and extract indicators of compromise.
Who is it for?
- Incident responders
- SOC analyst
What are the key takeaways?
- Understand the mechanism used by the vulnerable library to deliver the backdoor binary file
- Identify methods to detect vulnerable versions in production environments
Cyber Pro licensed users can access the new collection here.
Published 12 months ago
Version 1.0BenMcCarthy
Immerser
Lead Cyber Security Engineer. I lead the team that releases the content for the CTI part of the platform! Latest CVEs, malware threats and emerging threats all within 24 hours.The Human Connection Blog
Learn from our passionate experts on a wide range of subjects from Cyber Threat Research to maximizing value with Immersive, plus, hear from our outstanding customers who are keen to share their experiences.