Threat Intelligence

XZ Opensource Supply Chain Threat

XZ Opensource Supply Chain Threat Intelligence Briefing

On March the 29th a Microsoft engineer accidently discovered a backdoor that had been intentionally added to XZ utils software project, an open-source data compression utility that is used in almost all Linux distributions. The backdoor had been deliberately planted by a developer in the project. This developer had joined the project two years earlier and over the course of the two years earned the trust of the project maintainer by contributing bug fixes and code improvements to the project. Leveraging this trust and having been given the ability to directly approve code changes to the project the developer inserted the backdoor in February of this year.

Please provide your details to view our paper

XZ Opensource Supply Chain Threat Intelligence Brief April 2024 //

Read our latest Strategic Threat Intel Report

Download Report

More Articles & News

View All

Downloadable Assets

Threat Intelligence

The Russian Threat to Undersea Infrastructure

Since the Russian invasion of Ukraine in February 2022, NATO and the European Union have continued to support Ukraine with humanitarian and military assistance in its resistance to the invasion. As a result European countries including Ireland are viewed as legitimate targets by Russia for offensive cyber security operations.

Downloadable Assets

Threat Intelligence

Ransomware Situational Report

On the 8th of November the Industrial and Commercial Bank of China Financial Services (“ICBC FS”) a wholly owned subsidiary of Industrial and Commercial Bank of China Limited (“ICBC”) headquartered in New York notified the Securities Industry and Financial Markets Association in New York that it was experiencing a ransomware attack.

Threat Intelligence

XZ Opensource Supply Chain Threat