all InfoSec news
XZ and the Threats to the Digital Supply Chain
Malware Analysis, News and Indicators - Latest topics malware.news
The discovery of the backdoor in xz utils compression software last week has shone a spotlight on the threats to the digital supply chain. Wired has an excellent analysis on the attack, theorizing the years-long campaign may have been by the Russian foreign intelligence service (which was also behind the SUNBURST aka Solarwinds attack). Here are our key takeaways and how we’re protecting Eclypsium customers:
The First of Its Kind, But Not the Last
The xz backdoor (CVE-2024-3094), for all …
analysis attack backdoor campaign compression digital digital supply chain discovery foreign intelligence intelligence intelligence service may russian service software spotlight sunburst supply supply chain threats week wired xz utils