Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11A programmer discovers a security hole that could bring down the global system
At the end of March, Andres Freund, a 38-year-old programmer currently living in San Francisco and working for Microsoft, discovered a backdoor hidden in a software part of the Linux operating system that could lead to giving hackers access to hundreds of millions of computers worldwide. Luckily, an unfortunate incident did not take place.
The Linux operating system is arguably the world's most important open source software. Most servers in the world - including those belonging to banks, hospitals, governments. are running on Linux, so Linux security vulnerabilities will have a global impact.
This dangerous vulnerability was discovered when Freund periodically maintained a part of PostgreSQL - open source software used in database processing.
While examining a series of automated tests, he realized that an application called SSH - which is used to access remote computers - was using more resources than usual. Continuing to follow the trail, he found a data compression tool called xz Utils that reminded him of the error message not long ago.
After 'digging' into the source code of xz Utils, Freund saw traces of editing by someone or some organization. Specifically, malicious code has been installed into the latest version of xz Utils. This backdoor will allow malware installers to take advantage of SSH connections and secretly run software remotely.
He collected more evidence as he 'dig deeper'. At the end of March, Mr. Freund sent the evidence he collected to a group of open source software developers and caused an uproar in the community. Within just a few hours, this serious error was patched.
Some programmers assert that if Freund had not discovered it, a cyber attack that would leave a stain on the history books could have happened.
Alex Stamos, senior director at SentinelOne, a cybersecurity research company, said the backdoor discovered by Freund may be the most widespread, most effective backdoor ever installed in any software. , can 'give its creator the master key to access hundreds of millions of computers using SSH globally'. At that time, crooks were able to steal sensitive information, install malware, cause disruption to global infrastructure. without ever being caught.
Freund said, the person behind this incident is clever and cunning enough to erase traces, making the malicious code more difficult to find.
After discovering the security hole, Freund is still helping the team of programmers analyze and find the mastermind. Along with that, Freund is also developing and perfecting a version of PostgreSQL, expected to be released later this year.
Marvin FryYou should read it
- Samba vulnerabilities allow hackers to invade thousands of remote Linux computers
- HP publishes a series of critical vulnerabilities in the Teradici PCoIP protocol
- Microsoft officially submitted an application to join 'Linux secretion'.
- The Mail app on iOS has serious vulnerabilities
- Intel released Microcode for CPU Linux to fix Meltdown and Specter
- Detecting vulnerabilities in BitTorrent applications allows hackers to control user computers
- Many major vulnerabilities found in Kaspersky Antivirus for Linux servers, download the patch here
- Metasploit - Tool to exploit vulnerabilities
May be interested
- Watch out for new dangerous viruses similar to WannaCry
another type of computer virus that exploits a security hole in the windows operating system, such as the wannacry malicious code, has spread more than 200,000 devices and helped hackers hack silver. - Discovering the new serious security vulnerability of Bitcoin can cause the whole system to crashrecently, developers have discovered a critical security hole of bitcoin, even more dangerous than a 51% attack, which could cause the entire system of this cryptocurrency to collapse. .
- Google revealed a critical flaw in Qualcomm's Adreno GPUthe google project zero team has publicly revealed a security hole that exists in the adreno gpu integrated on the snapdragon chip.
- A programmer discovered a serious vulnerability of Steam but only received 460 million VNDa programmer with the nickname 'moskowsky' posted on the hackerone forum about how he discovered a serious security vulnerability that allowed him to download the entire game without losing any money.
- The streams of plasma sprayed from black holes can kill anythingthe plasma flow from the black hole produces a large amount of radiation, especially high-energy x-rays and gamma rays, which can destroy anything on their path.
- Congratulations to the developers, today, September 13 as your day!this first date was recognized by russia in 2009 and then responded by technology companies and programming companies worldwide. on this day, programmers will be off.
- Discover a monster black hole 100,000 times bigger than the Sun, the second largest in the Milky Wayjapanese astronomers discovered a supermassive black hole hidden in a cloud of suspended gas near the center of the milky way with a diameter of up to 1400 billion km and a mass of 100,000 times the sun.
- Windows 7 is available on more than half of global PCsaccording to the latest information from statcounter, windows 7 is currently the most popular operating system worldwide. this will become a major barrier for the usurpation of windows 8.
- Not yet released, but iOS 13 has a security hole that bypasses the lock screenios 13 will launch on september 19, but jose rodriguez, a security researcher, has discovered a flaw that allows hackers to bypass the lock screen on this version of ios.
- 10 interesting facts about black holes in the universe (Part 2)in the first part, we learned how a black hole grows, the number of supermassive black holes in the universe ... in this next section, we will learn some other interesting mysteries. about cosmic black holes.
Tech info
- What's special about Apple's 'Let Loose' event?
- Chinese magician sells SSD 1080 Pro at super cheap price even though Samsung hasn't launched it yet
- Qualcomm launches Snapdragon X Plus for PCs running Windows 11 ARM
- Steve Jobs predicted wrong
- The new 11-inch iPad Pro may be in short supply due to a shortage of OLED screens
- Razer introduces the high-end wireless gaming mouse Viper V3 Pro
What's special about Apple's 'Let Loose' event?
Chinese magician sells SSD 1080 Pro at super cheap price even though Samsung hasn't launched it yet
Qualcomm launches Snapdragon X Plus for PCs running Windows 11 ARM
Steve Jobs predicted wrong
The new 11-inch iPad Pro may be in short supply due to a shortage of OLED screens
Razer introduces the high-end wireless gaming mouse Viper V3 Pro