comparemela.com

Dennis Ens News Today : Breaking News, Live Updates & Top Stories | Vimarsana

Attacker Social-Engineered Backdoor Code Into XZ Utils

Unlike the SolarWinds and CodeCov incidents, all that it took for an adversary to nearly pull off a massive supply chain attack was some slick social engineering and a string of pressure emails.

Kurt baumgartnerLasse collinHans jansenLasse collinsJigar kumarOpenjs foundation for javascriptSource security foundationEngineering the open source software supply chainOpen source software supplyOpen source security foundationArch linuxJia tanDennis ensWide castDark reading

One Person Saved The Security of the Internet

The Solarwinds attack showed that threat actors are increasingly moving to software supply chain attacks on software, and compromising low-handing fruit in its delivery. These threat actors often…

United statesAnthony weemsJigar kumarLasse collinsLasse collinScooby dooAndres freundRed hatOne person saved the securityAdvanced persistent threatJia tanDennis ensMicrosoft windowsRemote code execution

XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor

Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat.

Jigar kumarThomas rocciaAndres freundEbo andersonMartin zugecGynvael coldwindLasse collinUtils githubRed hatJian tanDennis ensHexarcana cybersecurity gmbhRed hat enterprise linux

Xz utils stories at Techdirt

Posts about xz utils written by Mike Masnick

North koreaMike masnickJigar kumarLasse collinAndres freundCostin raiuAlex stamosJia tanDan goodinArs technicaDennis ens

Jia tan stories at Techdirt

Posts about jia tan written by Mike Masnick

North koreaLasse collinMike masnickJigar kumarCostin raiuAlex stamosAndres freundJia tanDan goodinArs technicaDennis ens

vimarsana © 2020. All Rights Reserved.