all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Amazingly Scary XZ SSHD Backdoor

Add to bookmarks
April 4, 2024, 2:50 p.m. | SANS Institute

SANS Institute www.youtube.com

Last week, Andres Freund, a developer working at Microsoft, found a sophisticated backdoor in xz-utils, a popular compression library. The backdoor was not only sophisticated from a technical point of view, but the threat actor had clearly prepared extensively, using social engineering to sneak the code into xz-utils and convince some Linux distributions to consider including it.

In this Wait Just an Infosec episode, our guest host Dr. Johannes Ullrich is joined by SANS Internet Storm Center Handler Bojan Zdrnja …

actor backdoor code compression developer distributions engineering found library linux linux distributions microsoft point popular scary social social engineering sshd technical threat threat actor week working

Visit resource

More from www.youtube.com / SANS Institute

CISOs Confront AI Adapting Cybersecurity to the AI Era 1 day, 14 hours ago | www.youtube.com
artificial cisos cybersecurity cybersecurity leadership +12
Cyber Risk Management: Essentials for the Practical CISO 4 days, 22 hours ago | www.youtube.com
actionable assets business business growth +26
About Cyber42 | A SANS Cybersecurity Leadership Simulation Game 5 days, 21 hours ago | www.youtube.com
business capital constraints daily +17
Introduction to AI and Leveraging it in Cybersecurity 1 week, 5 days ago | www.youtube.com
artificial artificial intelligence cybersecurity deep learning +14
Incident Response VS Incident Management | The Incident Commander Series Ep. 1 3 weeks, 5 days ago | www.youtube.com
commander don incident incident response +8
The Amazingly Scary XZ SSHD Backdoor 3 weeks, 5 days ago | www.youtube.com
actor backdoor code compression +19
Countdown Begins: SANS to Reveal The Five Biggest Cyber Threats at RSAC 2024 3 weeks, 6 days ago | www.youtube.com
attack attack techniques can conference +15
SEC401 Security Essentials: Whose Next-Gen Lab is it Anyway? 3 weeks, 6 days ago | www.youtube.com
author bryan cloud cyber +19
Changing the Landscape: Women Redefining Cybersecurity 1 month, 1 week ago | www.youtube.com
changing cisco cybersecurity cybersecurity industry +12

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Threat Analysis Engineer

@ Gen | IND - Tamil Nadu, Chennai
View on infosec-jobs.com

Head of Security

@ Hippocratic AI | Palo Alto
View on infosec-jobs.com

IT Security Vulnerability Management Specialist (15.10)

@ OCT Consulting, LLC | Washington, District of Columbia, United States
View on infosec-jobs.com

Security Engineer - Netskope/Proofpoint

@ Sainsbury's | Coventry, West Midlands, United Kingdom
View on infosec-jobs.com

Journeyman Cybersecurity Analyst

@ ISYS Technologies | Kirtland AFB, NM, United States
View on infosec-jobs.com
View more jobs