Upcoming Episode
Last week, Andres Freund, a developer working at Microsoft, found a sophisticated backdoor in xz-utils, a popular compression library. The backdoor was not only sophisticated from a technical point of view, but the threat actor had clearly prepared extensively, using social engineering to sneak the code into xz-utils and convince some Linux distributions to consider including it.
In this Wait Just an Infosec episode, SANS Internet Storm Center Handler Bojan Zdrnja will discuss what he learned through reverse engineering the backdoor. He will cover how the backdoor was hidden and what techniques the threat actor used to discourage reverse engineering. We will close by discussing the social engineering tactics observed and the implications for the open-source supply chain at large.
Read more about this vulnerability in the ICS Diary.
Latest Episode
Curious about the unique journeys women are taking to break into and shape the cybersecurity industry? Join us for an illuminating discussion led by Anjana Kambhampati, Product Management Director at Cisco, as we celebrate the achievements and insights of our panel of inspiring women in cybersecurity. We are thrilled to feature Jeraye Booth and Jennifer Miller, current students in the SANS Women’s Cyber Academy, alongside Emily Stocker, a proud graduate now excelling as a SOC Analyst II at Belcan. This is your chance to dive deep into their journeys, challenges, and successes. Don’t miss out on this empowering conversation that’s set to inspire and educate!
Episodes
Trusted Quality and Community
Join the Community
SANS Community membership grants you access to thousands of free content-rich resources, summits, and community CTF events to enhance your skills and level up. These resources are produced by SANS instructors and are updated continuously to include immediately useful knowledge and capabilities to support your cybersecurity goals.