all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

XZ and the Threats to the Digital Supply Chain

Add to bookmarks
April 4, 2024, 8:16 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

The discovery of the backdoor in xz utils compression software last week has shone a spotlight on the threats to the digital supply chain. Wired has an excellent analysis on the attack, theorizing the years-long campaign may have been by the Russian foreign intelligence service (which was also behind the SUNBURST aka Solarwinds attack). Here are our key takeaways and how we’re protecting Eclypsium customers:


The First of Its Kind, But Not the Last


The xz backdoor (CVE-2024-3094), for all …

analysis attack backdoor campaign compression digital digital supply chain discovery foreign intelligence intelligence intelligence service may russian service software spotlight sunburst supply supply chain threats week wired xz utils

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Managed Detection and Response in 2023 39 minutes ago | malware.news
analysis and response center collecting +26
Dynamic Link Dazzle: Unveiling the Dark Side of DLLs an hour ago | malware.news
application apt apt groups chinese +20
KapeKa Backdoor: Russian Threat Actor Group’s Recent Attacks an hour ago | malware.news
actor attacks backdoor cyber +16
Why space exploration is important for Earth and its future: Q&A with David Eicher an hour ago | malware.news
amp article benefits beyond +18
ISC Stormcast For Tuesday, April 30th, 2024 https://isc.sans.edu/podcastdetail/8960, (Tue, Apr 30th) 6 hours ago | malware.news
topic
Report on the First Scientific Experiment to Test the Impact of Generative AI on Complex, … 7 hours ago | malware.news
boston business consultants consulting +16
2023 Activities Summary of SectorD groups (KOR) 7 hours ago | malware.news
Relaying Kerberos Authentication from DCOM OXID Resolving 8 hours ago | malware.news
access active directory adcs administrator +21
SecretCalls Spotlight: A Formidable App of Notorious Korean Financial Fraudster (Part 1) 9 hours ago | malware.news
app article blog financial +7

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Architect - Identity and Access Management Architect (80-100% | Hybrid option)

@ Swiss Re | Madrid, M, ES
View on infosec-jobs.com

Alternant - Consultant HSE (F-H-X)

@ Bureau Veritas Group | MULHOUSE, Grand Est, FR
View on infosec-jobs.com

Senior Risk/Cyber Security Analyst

@ Baker Hughes | IN-KA-BANGALORE-NEON BUILDING WEST TOWER
View on infosec-jobs.com

Offensive Security Engineer (University Grad)

@ Meta | Bellevue, WA | Menlo Park, CA | Seattle, WA | Washington, DC | New York City
View on infosec-jobs.com

Senior IAM Security Engineer

@ Norfolk Southern | Atlanta, GA, US, 30308
View on infosec-jobs.com
View more jobs