all InfoSec news
XZ - Backdoors and The Fragile Supply Chain - PSW #823
April 4, 2024, 4:17 p.m. | Security Weekly
Security Weekly www.youtube.com
* https://blog.qualys.com/vulnerabilities-threat-research/2024/03/29/xz-utils-sshd-backdoor
* https://gynvael.coldwind.pl/?id=782
* https://isc.sans.edu/diary/The+xzutils+backdoor+in+security+advisories+by+national+CSIRTs/30800
* https://lcamtuf.substack.com/p/technologist-vs-spy-the-xz-backdoor
* https://github.com/amlweems/xzbot
* https://unit42.paloaltonetworks.com/threat-brief-xz-utils-cve-2024-3094/
* https://unicornriot.ninja/2024/xz-utils-software-backdoor-uncovered-in-years-long-hacking-plot/
* https://gist.github.com/smx-smx/a6112d54777845d389bd7126d6e9f504
* https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/
* https://xeiaso.net/notes/2024/xz-vuln/
* https://infosec.exchange/@AndresFreundTec@mastodon.social
* https://github.com/notselwyn/cve-2024-1086?tab=readme-ov-file
* https://doublepulsar.com/inside-the-failed-attempt-to-backdoor-ssh-globally-that-got-caught-by-chance-bbfe628fafdd
Visit https://www.securityweekly.com/psw for all the latest episodes!
Show Notes: https://securityweekly.com/psw-823
attack backdoors called compression down insights open source psw scary security security weekly software supply supply chain supply chain attack weekly
More from www.youtube.com / Security Weekly
Kicking Off With Crypto - PSW #827
1 day, 3 hours ago |
www.youtube.com
Air Gapped! The Myth of Securing OT - Thomas Johnson - CSP #172
3 days, 3 hours ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Intern, Cyber Security Vulnerability Management
@ Grab | Petaling Jaya, Malaysia
Compliance - Global Privacy Office - Associate - Bengaluru
@ Goldman Sachs | Bengaluru, Karnataka, India
Cyber Security Engineer (m/w/d) Operational Technology
@ MAN Energy Solutions | Oberhausen, DE, 46145
Armed Security Officer - Hospital
@ Allied Universal | Sun Valley, CA, United States
Governance, Risk and Compliance Officer (Africa)
@ dLocal | Lagos (Remote)
Junior Cloud DevSecOps Network Engineer
@ Accenture Federal Services | Arlington, VA