Wait Just An Infosec

Introducing Wait Just an Infosec, the SANS Institute's new weekly show featuring world-renowned information security experts who cover the cybersecurity topics you care about most.

Upcoming Episode

Last week, Andres Freund, a developer working at Microsoft, found a sophisticated backdoor in xz-utils, a popular compression library. The backdoor was not only sophisticated from a technical point of view, but the threat actor had clearly prepared extensively, using social engineering to sneak the code into xz-utils and convince some Linux distributions to consider including it.

In this Wait Just an Infosec episode, SANS Internet Storm Center Handler Bojan Zdrnja will discuss what he learned through reverse engineering the backdoor. He will cover how the backdoor was hidden and what techniques the threat actor used to discourage reverse engineering. We will close by discussing the social engineering tactics observed and the implications for the open-source supply chain at large.

Read more about this vulnerability in the ICS Diary.

Latest Episode

Curious about the unique journeys women are taking to break into and shape the cybersecurity industry? Join us for an illuminating discussion led by Anjana Kambhampati, Product Management Director at Cisco, as we celebrate the achievements and insights of our panel of inspiring women in cybersecurity. We are thrilled to feature Jeraye Booth and Jennifer Miller, current students in the SANS Women’s Cyber Academy, alongside Emily Stocker, a proud graduate now excelling as a SOC Analyst II at Belcan. This is your chance to dive deep into their journeys, challenges, and successes. Don’t miss out on this empowering conversation that’s set to inspire and educate!


The Amazingly Scary XZ SSHD BackdoorDr. Johannes Ullrich, Bojan ZdrnjaApril 4, 2024
Changing the Landscape: Women Redefining Cybersecurity

Anjana Kambhampati, Jeraye Booth, Jennifer Miller, Emily Stocker

March 19, 2024
2024 Artificial Intelligence Security Trends and PredictionsKirk TrychelFebruary 6, 2024
2024 Industrial Control Systems Trends and PredictionsDean Parsons, Tim ConwayJanuary 30, 2024
2024 Ransomware Trends and PredictionsRyan Chapman, Mari DeGrazia, Ann PhamJanuary 23, 2024
2024 Cloud Security Trends and PredictionsShaun McCullough, Brandon Evans, Eric JohnsonJanuary 16, 2024
2024 Cyber Defense Trends and PredictionsJohn HubbardJanuary 9, 2024
Celebrating Cybersecurity Difference MakersDMA WinnersDecember 19, 2023
Ed’s Whacky Winter Wonder Holiday BonanzaEd SkoudisDecember 12, 2023
Empowering Tomorrow’s Security Leaders with the SANS Transformational TriadLance Spitzner, Russell Eubanks, December 5, 2023
Cyber Warfare Frontlines: Unveiling the Digital Battlefield with Jake WilliamsRob Lee, Jake WilliamsNovember 28, 2023
Thinking Outside the Firewall: Unconventional Cybersecurity JourneysRich GreeneNovember 14, 2023

Trusted Quality and Community

4.7 Stars (Over 66,000 Reviews in the Last Year)
Learners from 44k organizations in 201 countries
GIAC certification holders from 133 countries
employees protecting their organization with Security Awareness training

Join the Community

SANS Community membership grants you access to thousands of free content-rich resources, summits, and community CTF events to enhance your skills and level up. These resources are produced by SANS instructors and are updated continuously to include immediately useful knowledge and capabilities to support your cybersecurity goals.