all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

The Narrow Escape from the xz Disaster

Add to bookmarks
c
May 6, 2024, 7:34 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Dazz.Written by Tomer Schwartz, Co-founder & CTO, Dazz.In the intricate world of software supply chain, the recent near-miss incident with CVE-2024-3094–the xz/liblzma backdoor–serves as a potent reminder of our system's fragility and the constant vigilance required to safeguard it. In short, a widely used open source package was compromised to add a backdoor to its officially released packages. For the uninformed, technical advisory says only versions 5.6.0 and 5....

amp backdoor co-founder compromised cto cve cve-2024 cve-2024-3094 disaster escape founder incident near open source package reminder safeguard software software supply chain supply supply chain system vigilance world written

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
The Risk and Impact of Unauthorized Access to Enterprise Environments 2 days, 12 hours ago | cloudsecurityalliance.org
access advanced api api security +28
Cl
Automated Cloud Remediation – Empty Hype, Viable Strategy, or Something in Between? 2 days, 12 hours ago | cloudsecurityalliance.org
amp automated automation cloud +15
Cl
Cloud Security Alliance and SAFECode Release Sixth and Final White Paper in Its Six Pillars … 4 days, 18 hours ago | cloudsecurityalliance.org
alliance best practices certifications clear +19
Cl
Apple's New iMessage, Signal, and Post-Quantum Cryptography 4 days, 20 hours ago | cloudsecurityalliance.org
apple application attack computers +25
Cl
2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity … 4 days, 21 hours ago | cloudsecurityalliance.org
applications complexity data enterprise +18
Cl
Navigating Cloud Security Best Practices: A Strategic Guide 1 week, 2 days ago | cloudsecurityalliance.org
best practices blog cloud cloud computing +25
Cl
Building Trust Through Vendor Risk Management 1 week, 2 days ago | cloudsecurityalliance.org
advisory barr advisory building building trust +19
Cl
New SEC Rules: Material Incident Reporting Through Cybersecurity Disclosures 1 week, 3 days ago | cloudsecurityalliance.org
aim companies cybersecurity cybersecurity risks +22
Cl
A Risk-Based Approach to Vulnerability Management 1 week, 4 days ago | cloudsecurityalliance.org
armorcode attacks events impact +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Associate Vulnerability Management Specialist

@ Diebold Nixdorf | Hyderabad, Telangana, India
View on infosec-jobs.com

Cybersecurity Architect, Infrastructure & Technical Security

@ KCB Group | Kenya
View on infosec-jobs.com

Security Analyst SOC (m/w/d)

@ Deutsche Telekom | Bonn, Deutschland
View on infosec-jobs.com