all InfoSec news
Lessons That The XZ Utils Backdoor Spells Out - Farshad Abasi - ASW #280
April 8, 2024, 2 p.m. |
Security Weekly (Download Only) sw-all.swsgtv.libsynpro.com
We look into the supply chain saga of the XZ Utils backdoor. It's a wild story of a carefully planned long con to add malicious code to a commonly used package that many SSH connections rely on. It hits themes from social engineering and abuse of trust to obscuring the changes and suppressing warnings. It also has a few lessons about software development, the social and economic dynamics of open source, and strategies for patching software.
It's an exciting topic …
More from sw-all.swsgtv.libsynpro.com / Security Weekly (Download Only)
Air Gapped! The Myth of Securing OT - Thomas Johnson - CSP #172
4 days, 20 hours ago |
sw-all.swsgtv.libsynpro.com
Jobs in InfoSec / Cybersecurity
Enterprise Security Architect
@ Proofpoint | Utah
Senior Incident Response and Digital Forensics Engineer
@ Danske Bank | Vilnius, Lithuania
SOC Analyst (Remote)
@ Bertelsmann | New York City, US, 10019
Risk Consulting - Protect Tech - Staff - IT Compliance - ISO-NIST-FISMA-PCI DSS and Privacy
@ EY | Bengaluru, KA, IN, 560016
Security Officer Warrenpoint Harbour
@ TSS | Newry, County Down, United Kingdom
Senior DevSecOps Engineer
@ Scientific Systems Company, Inc. | Burlington, Massachusetts, United States