Topic: Supply Chain Security

The following is a list of posts covered on my Blog, under the topic “Supply Chain Security”, sorted from most to least recent.

• The “xz” Backdoor Posted on March 29, 2024

  Another big security event happened.

  This time, it’s that the “xz” project was backdoored. The full details and impact of the attack are still being understood, with Linux distros and other systems that have integrated the malicious code now raising their antibodies and responding. This will continue as we figure out the scope, and secondary impacts and recommended next steps like rotating SSH keys and detecting if individual systems have been compromised will no doubt come as well.

  Continue Reading →