Cyber Blog

This blog is evolving into a broader space for my cybersecurity journey. While I’ll continue to share detailed walkthroughs from platforms like KC7, I’ll also be posting about tools I’m exploring, concepts I’m learning, projects I’m building, and insights from real-world research and coursework. Whether it’s a deep dive into threat hunting techniques or reflections on industry trends, this site serves as a growing archive of my hands-on experience and continuous learning in cybersecurity.

ACH - XZ Backdoor

James | 18 April 2025

Who Was Behind the XZ Backdoor? A Threat Attribution Exercise Using ACH

Recently in class, Alex (classmate) and I worked on a threat attribution exercise using the Analysis of Competing Hypotheses (ACH) method. The focus? One of the most intriguing real-world incidents of 2024: the XZ backdoor — a stealthy supply chain compromise that could have impacted countless Linux systems worldwide.
