YARA Rule for CVE-2024-3094


Userlevel 7
Badge +7
  • Veeam Legend
  • 720 comments

Hi Folks,

Following on from the news regarding a backdoor in the Linux library xz, a Yara Rule is now available that can be used in Veeam 12.1 if you do not utilise a vulnerability scanner in your environment. Great way to check by leveraging Veeam to do the scanning for you. 

There is more info about the vulnerability on the post by @JMeixner :

Yara Rule can be found here: https://github.com/Neo23x0/signature-base/blob/master/yara/bkdr_xz_util_cve_2024_3094.yar

 


0 comments

Be the first to comment!

Comment