In November of 2024, a bootkit.efi hash was uploaded to the Virus Total database by an anonymous source (1), to which researchers at ESET uncovered that this binary pertained to the first of its kind: a UEFI Bootkit written not for Windows, but for Linux (2). Through their analysis, ESET determined that the application, titled …
Continue reading “Bootkitty: The First UEFI Bootkit for Linux”
Hello everyone! I’m proud to announce the completion of my project: MG-GA. As a heavily documented, C++ application, it serves as a teaching aid to better understand not only the MinGen algorithm, but also the general ideas of Brute-Force and Genetic Algorithms alongside ways that they can be optimized. The GitHub repository is available at …
Hello everybody! I’m proud to announce the completion of my Project: UDP-WG. It’s a heavily documented C++ codebase that implements both the UDP Network Protocol, and the WireGuard VPN protocol. These implementations are used to create the main program, which allows instances to communicate with each other using either of these two protocols! The repository …
Introduction The beginning of the calendar year is an important time for the Linux Ecosystem, as it sees the release of many important projects and distributions. Perhaps most important is the coordinated release of the prolific GNOME desktop environment, who’s biannual release cycle sees a new version in March and September (1), and the Ubuntu …
Continue reading “The XZ Backdoor: A 10.0 CVSS Exploit We Just Barely Avoided”
On July 1st, 2024, the security firm Qualys published their discovery of a vulnerability within the OpenSSH daemon that allowed for unauthenticated, network-exploitable, remote code execution [1]. As a ubiquitous means of secure access to remote servers, the vulnerability allowed for attackers to gain unfettered, superuser access to a majority of servers running Linux, which …
Continue reading “RegreSSHion: Remote Code Execution in OpenSSH”
Powered by UCalgary
The views, information, or opinions expressed on this site are solely those of the individual(s) involved and do not necessarily represent the position of the University of Calgary as an institution.
Website Terms & Conditions | Privacy Policy | Copyright © 2024
