Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/112202992059005550">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 03-Apr-2024 03:17:41 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250105013211.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/112202967577254451" rel="in-reply-to">in reply to</a></div></section><article><p>‘They’ are very likely a multi million dollar operation - see also just the shell script analysis, before you even get to the backdoor (which is much more nuts) <a href="https://research.swtch.com/xz-script" rel="nofollow noreferrer">https://research.swtch.com/xz-script</a></p><p>The actual SSH backdoor is cryptographically signed so only the threat actor can use it. If you work in threat intelligence and write “foreign” intelligence agency, you might want to look at your bias training. </p><p> <a href="https://cyberplace.social/tags/XZ" rel="tag">#XZ</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2881363#notice-5748942">In conversation</a><time datetime="2024-04-03T03:17:41+09:00" title="Wednesday, 03-Apr-2024 03:17:41 JST">about 10 months ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/112202992059005550" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/112202992059005550">permalink</a><h4>Attachments</h4><ol><li><label><a rel="external" href="https://gnusocial.jp/attachment/2451564">Untitled attachment</a></label><br></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Wednesday, 03-Apr-2024 03:17:41 JST Kevin Beaumont
in reply to
‘They’ are very likely a multi million dollar operation - see also just the shell script analysis, before you even get to the backdoor (which is much more nuts) https://research.swtch.com/xz-script
The actual SSH backdoor is cryptographically signed so only the threat actor can use it. If you work in threat intelligence and write “foreign” intelligence agency, you might want to look at your bias training.
#XZ
In conversationabout 10 months ago from cyberplace.socialpermalink
Attachments
1. Untitled attachment

Public

Embed Notice

HTML Code

Corresponding Notice