Happy Supply Chain Attack Friday!
tldr if you updated Kali Linux recently you're pwned with malware
https://twitter.com/kalilinux/status/1773786266074513523
tldr if you updated Kali Linux recently you're pwned with malware
https://twitter.com/kalilinux/status/1773786266074513523
X (formerly Twitter)
Kali Linux (@kalilinux) on X
The xz package, starting from version 5.6.0 to 5.6.1, was found to contain a backdoor. The impact of this vulnerability affected Kali between March 26th to March 29th. If you updated your Kali installation on or after March 26th, it is crucial to apply theβ¦
π€£140π€―47π«‘6π5π’5π₯4π±3π€2β€1π1
The more we read about the xz supply chain attack the more we realize that everyone needs to move to Windows XP.
This wouldn't have happened on Windows XP
This wouldn't have happened on Windows XP
π€£140π―20β€11π4π2π€2β€βπ₯1π€1π€―1
vx-underground
Checked in with Lockbit ransomware group administrative staff yesterday. We haven't spoken with them in a few weeks. They're now looking to expand operations into Violence-as-a-Service. Very cool β malware, extortion, money laundering, and now violence π
Lockbit has clarified this is not to intimidate potential victims of ransomware. Lockbit administrative staff claim they were recently robbed and need to get their money back.
π€£113π€14β€5π1π±1π―1
meemaw shows nerds how to use ffmpeg, uses a 2 character password, uses neofetch, and complains about bloat on her 4gb linux box
based and linux pilled
https://www.youtube.com/watch?v=YVI6SCtVu4c
based and linux pilled
https://www.youtube.com/watch?v=YVI6SCtVu4c
YouTube
How To Use FFMPEG On Linux.
FFMPEG comes with Linux as a terminal based application and video converter. But there is an easy way to convert sound and video files to other formats. I show you how with MystiQ. You can also use QWinFF.
00:00 How To
03:24 MystiQ
05:06 How To Use
08:14β¦
00:00 How To
03:24 MystiQ
05:06 How To Use
08:14β¦
β€182π11π7π€―6π―4π₯3π€3π1
The xz situation is absolutely insane and almost certainly state sponsored.
This is an excellent example of a widely used software being maintained by basically one person.
Read this web article and then frown and become sad.
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
This is an excellent example of a widely used software being maintained by basically one person.
Read this web article and then frown and become sad.
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
boehs.org
Everything I Know About the XZ Backdoor
Please note: This is being updated in real-time. The intent is to make sense of lots of simultaneous discoveries
π±81π€15π₯8π«‘7π4π€―4β€3π€£2β€βπ₯1π’1
The xz backdoor was initially caught by a software engineer at Microsoft. He noticed 500ms lag and thought something was suspicious.
This is the Silver Back Gorilla of nerds. The internet final boss.
This is the Silver Back Gorilla of nerds. The internet final boss.
π₯186π«‘84π€25π12π€£11β€8π―7π5π1π1
Microsoft engineer: 500ms lag in liblzma? Something's up.
Also Microsoft engineer: 45 minute lag in Microsoft Teams? Perfect.
Also Microsoft engineer: 45 minute lag in Microsoft Teams? Perfect.
π€£373π₯42π29β€14π12π―5π₯°3π€3
We made a post congratulating and praising Andres Freund for his discovery of the xz backdoor
Dorks immediately started freaking out
>i WouLd hAvE cAuGhT ThiS
>i dO bEnChMarkS liKe tHiS tOO
How about you be happy for someone? Not everything is an attack on your ego π€π€
Dorks immediately started freaking out
>i WouLd hAvE cAuGhT ThiS
>i dO bEnChMarkS liKe tHiS tOO
How about you be happy for someone? Not everything is an attack on your ego π€π€
β€213π€£71π―31π20π€―5π3π€3π3β€βπ₯2
Most difficult things to do:
- Climbing Mt. Everest
- Mastering a second language
- Overcoming addiction
- Syncing Outlook
- Climbing Mt. Everest
- Mastering a second language
- Overcoming addiction
- Syncing Outlook
π€£193π12β€10π7π―5π₯3π€3π2β€βπ₯1π€1π±1
Hello, how are you?
It is Sunday. Today is a day to rest. We hope everyone had a good week. We hope all of you have a good weekend.
It is Sunday. Today is a day to rest. We hope everyone had a good week. We hope all of you have a good weekend.
π85β€55π₯°30π’8π€£8β€βπ₯5π€5π4π«‘3π2
PandaBuy has been breached by Threat Actors operating under the names "Sanggiero" and "IntelBroker". Exfiltrated data includes:
- UserId
- First name
- Last name
- Phone number
- Email
- Login Ip
- Full address
- Order information
Breach patrons are relatively excited
- UserId
- First name
- Last name
- Phone number
- Login Ip
- Full address
- Order information
Breach patrons are relatively excited
π82π€£52π₯17π’13β€12β€βπ₯1π1
Discord has announced they will begin displaying ads to boost revenue
π€£167π’30π«‘11π€―8π€7π3π€3π₯°2β€1π1