33 min listen
XZ - Backdoors and The Fragile Supply Chain - PSW #823
XZ - Backdoors and The Fragile Supply Chain - PSW #823
ratings:
Length:
64 minutes
Released:
Apr 4, 2024
Format:
Podcast episode
Description
As most of you have probably heard there was a scary supply chain attack against the open source compression software called "xz". The security weekly hosts will break down all the details and provide valuable insights. https://blog.qualys.com/vulnerabilities-threat-research/2024/03/29/xz-utils-sshd-backdoor https://gynvael.coldwind.pl/?id=782 https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800 https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor https://github.com/amlweems/xzbot https://unit42.paloaltonetworks.com/threat-brief-xz-utils-cve-2024-3094/ https://unicornriot.ninja/2024/xz-utils-software-backdoor-uncovered-in-years-long-hacking-plot/ https://gist.github.com/smx-smx/a6112d54777845d389bd7126d6e9f504 https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/ https://xeiaso.net/notes/2024/xz-vuln/ https://infosec.exchange/@AndresFreundTec@mastodon.social https://github.com/notselwyn/cve-2024-1086?tab=readme-ov-file https://doublepulsar.com/inside-the-failed-attempt-to-backdoor-ssh-globally-that-got-caught-by-chance-bbfe628fafdd Show Notes: https://securityweekly.com/psw-823
Released:
Apr 4, 2024
Format:
Podcast episode
Titles in the series (100)
Interview with Ira Winkler - Episode 343: Ira Winkler, CISSP is President of Secure Mentem. Ira is one of the foremost experts in the human elements of cyber security and is known for the extensive espionage and social engineering simulations that he has conducted for Fortune 500 companies... by Security Weekly Podcast Network (Video)