- Take that idea and flip it! Use it to see what are the first projects that need to be reviewed from a Threat Hunting perspective!
Seriously! Its a great approach you've created!
Specifically identify projects that would be High Value Targets to a malicious actor and then go through the code with the ASSUMPTION THAT THEY HAVE ALREADY BEEN COMPROMISED.
See how many other backdoors and vulns we can find.
#infosec #FOSS #backdoor #xz #xzBackdoor
Tinker ☀️ /
npub1hq…ent6l
2024-04-01 14:42:44
in reply to nevent1q…tdu8
Author Public Key
npub1hqevlj9hckkq0t30yachlqr06pcf8avevw9v5h8areekx3z2y54shent6lPublished at
2024-04-01 14:42:44Event JSON
{
"id": "621cc5c650bbbec3cb7f41e0a1a67f5506efa6f7c7641bfb1c9d3c29056af655",
"pubkey": "b832cfc8b7c5ac07ae2f27717f806fd07093f599638aca5cfd1e7363444a252b",
"created_at": 1711982564,
"kind": 1,
"tags": [
[
"t",
"foss"
],
[
"t",
"xzbackdoor"
],
[
"e",
"e8d46a451e7f6b2341f3ca9b2ccbb3160a375f60b6234c9a4c93163f032c81b9",
"",
"root"
],
[
"e",
"e4a8b6fae6ae996e010c32e296947dbe635853649b8794151b937f2cda2a7430",
"",
"reply"
],
[
"t",
"xz"
],
[
"p",
"b823733e76b53ea42c31ce1ef01609d54243099be957632291a3c0b503f24a01"
],
[
"t",
"backdoor"
],
[
"p",
"b832cfc8b7c5ac07ae2f27717f806fd07093f599638aca5cfd1e7363444a252b"
],
[
"t",
"infosec"
],
[
"proxy",
"https://infosec.exchange/users/tinker/statuses/112196489323834766",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/tinker/statuses/112196489323834766",
"pink.momostr"
]
],
"content": "- Take that idea and flip it! Use it to see what are the first projects that need to be reviewed from a Threat Hunting perspective!\n\nSeriously! Its a great approach you've created!\n\nSpecifically identify projects that would be High Value Targets to a malicious actor and then go through the code with the ASSUMPTION THAT THEY HAVE ALREADY BEEN COMPROMISED.\n\nSee how many other backdoors and vulns we can find.\n\n#infosec #FOSS #backdoor #xz #xzBackdoor",
"sig": "a53367a9b707307665eefbdf2c2e073ef7ffa8849dd96f276b08d18079362add1b3e6588d11b84aad2d626f49f8d58b354806a1773299d556d7892cbe1b969cf"
}