Hi, I’m Tom

I’m a Security Engineer based in London

Latest Post

Apr 19, 2024

Backdooring Linux with Linker Envs the right way

The xz backdoor I think everyone heard from the very recent xz library backdoor. In short, malicious code has been silently introduced in the official repository of this compression library. It then uses rtld-audit to add an audit hook and listen to dynamic linking events. In particular, OpenSSH on some distributions use xz for compression purposes and, as a result, loads xz. Please refer to 1 for more information about the backdoor. Read more
All Posts

About

profile.png

My name is Tom Ganz and I am currently living in London and working as a security engineer @Amazon. I am interested in computer security and machine learning. Feel free to send me an E-Mail using my PGP key.

  • PhD Machine Learning and IT Security @Technical University of Berlin
  • Msc. Computer Science @University of Applied Sciences Karlsruhe
  • Bsc. Applied Computer Science @Corporate State University Karlsruhe
  • Reviews for IEEE Access
  • Subreviews for S&P
  • Reviews for CCS AISec
  • AISec CCS Best Paper Award 2021
  • Cooperate State University Karlsruhe 2022: Lecturer for Compiler Engineering
  • SAP Conference on Machine Learning 2022: Explainable Fuzzing
  • SAP Conference on Machine Learning 2022: Graph Autoencoders - on the Hunt for Malicious Commits
  • SAP Development Kick-Off Meeting: Automated Analysis of Source Code Repositories using Machine Learning
  • SAP Conference on Machine Learning 2021: Intelligently Protect the Enterprise - What machines may learn about graphs in your software
  • SAP Security Expert Summit 2021: Intelligently Protect the Enterprise - What machines may learn about graphs in your software

Check out my LinkedIn to see my current CV.