An emerging supply-chain attack due to a backdoor in XZ Utils has been identified. The backdoor allows an attacker to run commands remotely on vulnerable servers utilizing SSH without prior authentication. We have analyzed the critical attack path to discuss current mitigation strategies for such kinds of supply-chain attacks.
https://us02web.zoom.us/j/82930573803?pwd=nhSbbQcKpjkUA05eLgWeEqCgPEBqgG.1
Meeting ID: 829 3057 3803
Passcode: 130354