Costin Raiu joins the XZ Utils backdoor investigation
Episode sponsors:
- Binarly, the supply chain security experts (https://binarly.io)
- XZ.fail backdoor detector (https://xz.fail)
Malware paleontologist Costin Raiu returns for an emergency episode on the XZ Utils software supply chain backdoor. We dig into the timeline of the attack, the characteristics of the backdoor, affected Linux distributions, and the reasons why 'Tia Jan' is the handiwork of a cunning nation-state.
Based on all the clues available, Costin pinpoints three main suspects -- North Korea's Lazarus, China's APT41 or Russia's APT29 -- and warns that there are more of these backdoors lurking in modern software supply chains.
All episodes
- An 'extremely sophisticated' iPhone hack; Google flags major AMD microcode bug (1:25:12)
- Unpacking the UK government's secret iCloud backdoor demand (2:22:42)
- Inside the DeepSeek AI existential crisis, Chinese 'backdoor' in medical devices (2:19:44)
- Death of the CSRB, zero-days storms at the edge, Juniper router backdoors (1:48:59)
- Inside the PlugX malware removal operation, CISA takes victory lap and another Fortinet 0day (1:59:52)
- Hijacking .gov backdoors, Ivanti 0days and a Samsung 0-click vuln (1:48:21)
- US Treasury hacked via BeyondTrust, MISP and the threat actor naming mess (1:49:16)
- Palo Alto network edge device backdoor, Cyberhaven browser extension hack, 2024 research highlights (1:53:11)
- US government's VPN advice, dropping bombs on ransomware gangs (1:58:40)
- Surveillance economics, Turla and Careto, and the AI screenshots nobody asked for (2:14:07)
- Inside the Turla Playbook: Hijacking APTs and fourth-party espionage (1:47:08)
- Volexity’s Steven Adair on Russian Wi-Fi hacks, memory forensics, appliance 0days and network inspectability (1:18:33)
- Sid Trivedi on the RSA Innovation Sandbox $5 million investment gambit (1:01:12)
- Russian APT weaponized nearby Wi-Fi networks in DC, new macOS zero-days, DOJ v Chrome (1:28:22)
- What happens to CISA now? Is deterrence in cyber possible? (1:53:51)