Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Analysis of and Lessons from the Xz-Utils Vulnerability - What Might Come Next

Linux Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a detailed 40-minute conference talk that dissects the notable xz-utils vulnerability and its implications for software security. Delve into the sophisticated social engineering attack that combined multiple techniques including maintainer takeover, obfuscated trigger code, and deceptive binary files masquerading as sample archives. Learn how this attack specifically targeted Linux distributions, affecting the broader software supply chain. Examine comprehensive analyses of the incident timeline, technical details of the malicious code, and the attack methodology. Gain insights into assessing similar risks in open-source repositories using tools like OpenSSF's Scorecard and Criticality Score. Understand potential future attack vectors in the software industry and discover strategies for mitigation and response to such security threats.

Syllabus

Analysis of and Lessons from the Xz-Utils Vulnerability – What Mig... - Taku Shimosawa & Atsuya Kato

Taught by

Linux Foundation

Reviews

Start your review of Analysis of and Lessons from the Xz-Utils Vulnerability - What Might Come Next

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.