On this #PiDay, we want to remind you that our love for #python is infinite! Give the unique and unrepeatable love of Python* to yourself or a friend 💙💛 grab the @nostarch Humble Bundle today!
:python: Lazarus Exploits Typos to Sneak PyPI #Malware into #Dev Systems:
The notorious #NorthKorea state-backed hacking group Lazarus uploaded four packages to the #Python Package Index (#PyPI) repository with the goal of infecting #developer systems with malware.
#pypi #python - Did someone already write a tool to front-run safety or pip-audit before anything is installed? I guess something like "poetry lock" and then audit the files for suspicious situations, like CVEs, or the repo was created yesterday, or the package was published yesterday.
Installing everything then running safety imho has always been !@#$!@$ stupid because the malicious code runs during install.
Looking back at 2023, @miketheman uncovered some impressive metrics that we want to share! A big thanks to Fastly, and also @awsopen, for making Mike's job possible! #thankyou #PyPI #python
Hey friends! After a long hiatus, I'm starting #streaming again - as mentioned in an earlier post, I'm going to be figuring out how to create #apt / #yum repos. I've done some very simple #pypi in the past, and may do some work on that, too. We'll see what we can get done in the time I'll be spending.
When someone republishes an identical (?) copy of a major package under their own name on #pypi, that's probably malicious right? This is a variation on typosquatting.
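The check the two posts above are asking for (audit a resolved lock file before anything is installed: flag projects or releases published only days ago, and project names that are near-duplicates of well-known packages, which covers both typosquats and re-uploads of a popular package under a new name), written out as an added example. This is not code from either poster; the metadata is constructed inline in the shape of the PyPI JSON API (`GET https://pypi.org/pypi/<name>/json`), the lock file and the `WELL_KNOWN` list are constructed, nothing is fetched and nothing is installed.

```python
"""Audit a pinned dependency set BEFORE running pip install (added example).

Heuristics:
  * the project, or the pinned release, was first published within the last N days
  * the project name is a near-duplicate of a well-known package
Metadata is shaped like the PyPI JSON API but is constructed below; no network.
"""
from __future__ import annotations

import difflib
import re
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass
class Finding:
    name: str
    version: str
    reason: str


# Constructed allow-list of names that attackers like to imitate (assumption).
WELL_KNOWN = {"requests", "numpy", "urllib3", "setuptools", "pillow", "cryptography"}

# Fixed "now" so the example is reproducible (assumption).
NOW = datetime(2024, 3, 15, 12, 0, tzinfo=timezone.utc)

# Constructed lock file in pip-compile / poetry-export style.
SAMPLE_LOCK = """\
# constructed lock file
requests==2.31.0 \\
    --hash=sha256:0000000000000000000000000000000000000000000000000000000000000000
requestss==0.0.1 ; python_version >= "3.8"
numpy==1.26.4 --hash=sha256:1111
leftpad==1.0.0
"""

# Constructed metadata in PyPI-JSON shape: releases -> version -> list of files.
SAMPLE_METADATA = {
    "requests": {"releases": {
        "2.25.1": [{"upload_time_iso_8601": "2020-12-16T17:00:00.000000Z"}],
        "2.31.0": [{"upload_time_iso_8601": "2023-05-22T15:12:43.000000Z"}]}},
    "requestss": {"releases": {                       # one-day-old look-alike
        "0.0.1": [{"upload_time_iso_8601": "2024-03-14T09:00:00.000000Z"}]}},
    "numpy": {"releases": {
        "1.0": [{"upload_time_iso_8601": "2006-12-02T02:07:43.000000Z"}],
        "1.26.4": [{"upload_time_iso_8601": "2024-02-05T23:00:00.000000Z"}]}},
}


def normalize(name: str) -> str:
    """PEP 503 normalisation so 'Requests' and 'requests_' compare equal."""
    return re.sub(r"[-_.]+", "-", name).lower()


def parse_pinned_requirements(text: str) -> list[tuple[str, str]]:
    """Collect (name, version) from 'name==version' lines; skip comments,
    environment markers, --hash continuation lines and other options."""
    pins = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].split(";", 1)[0].strip()
        if not line:
            continue
        token = line.split()[0]
        if token.startswith("-") or "==" not in token:
            continue  # --hash=..., --index-url, or an unpinned spec
        name, version = token.split("==", 1)
        pins.append((normalize(name), version.strip()))
    return pins


def _ts(s: str) -> datetime:
    return datetime.fromisoformat(s.replace("Z", "+00:00"))


def upload_times(meta: dict, version: str | None = None) -> list[datetime]:
    """Upload times of every file in one release, or in the whole project."""
    releases = meta.get("releases", {})
    versions = [version] if version is not None else list(releases)
    return [_ts(f["upload_time_iso_8601"]) for v in versions for f in releases.get(v, [])]


def lookalike(name: str, well_known: set[str], cutoff: float = 0.85) -> str | None:
    """Well-known name this one resembles (difflib ratio >= cutoff), or None."""
    name = normalize(name)
    if name in well_known:
        return None
    best = difflib.get_close_matches(name, sorted(well_known), n=1, cutoff=cutoff)
    return best[0] if best else None


def audit(pins, metadata, well_known=WELL_KNOWN, now=None, max_age_days=7) -> list[Finding]:
    now = now or datetime.now(timezone.utc)
    findings = []
    for name, version in pins:
        meta = metadata.get(name)
        if meta is None:
            findings.append(Finding(name, version, "no metadata for this project"))
            continue
        project_age = [(now - t).days for t in upload_times(meta)]
        release_age = [(now - t).days for t in upload_times(meta, version)]
        if project_age and min(project_age) <= max_age_days:
            findings.append(Finding(name, version, f"project first published {min(project_age)} day(s) ago"))
        elif release_age and min(release_age) <= max_age_days:
            findings.append(Finding(name, version, f"pinned release published {min(release_age)} day(s) ago"))
        elif not release_age:
            findings.append(Finding(name, version, "pinned version has no files on the index"))
        known = lookalike(name, well_known)
        if known:
            findings.append(Finding(name, version, f"name resembles well-known project {known!r}"))
    return findings


if __name__ == "__main__":
    for f in audit(parse_pinned_requirements(SAMPLE_LOCK), SAMPLE_METADATA, now=NOW):
        print(f"{f.name}=={f.version}: {f.reason}")
```

Run it against a real lock file by replacing `SAMPLE_METADATA` with the JSON fetched per project from the PyPI API; the point of the design is that the audit runs on metadata only, so no `setup.py` or build backend from an untrusted package executes before the findings are reviewed.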
Inspired by @fcodvpt post about current popularity of build backends, I investigated how the popularity of build backends used in pyproject.toml evolved over time since PEP-0517 introduced them in 2015:
For those interested in such things, I have had a go at writing a #python module "parenx" ("pare" + "nx") that simplifies linear networks, such as road and rail, using buffering and either image skeletonization or Voronoi polygons to identify a centre-line.
It is beta code and has a number of limitations, but hopefully it might be of interest. Noting that the two-dimensional areal interpolation problem seems well understood.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #01/2024 is out! It includes the following and much more:
➝ 🇺🇸 🖼️ MAJOR US #MUSEUMS SUFFER #CYBERATTACK FALLOUT
➝ 🇪🇸 📡 A “ridiculously weak” password causes disaster for #Spain’s No. 2 mobile carrier
➝ 🔓 🧬 #23andMe tells victims it’s their fault that their data was breached
➝ 🔓 💸 #OrbitChain loses $86 million in the last #fintech hack of 2023
➝ 🔓 🅿️ Europe’s Largest Parking App Provider Informs Customers of Data Breach
➝ 💸 🙊 #Crypto wallet founder loses $125,000 to fake airdrop website
➝ 🇺🇸 ⚖️ US Says 19 People Charged Following 2019 Takedown of #xDedic Cybercrime Marketplace
➝ 🇵🇸 🇮🇱 Palestinian Hackers Hit 100 Israeli Organizations in Destructive Attacks
➝ 🔓 ❌ Hacked #Mandiant X Account Abused for #Cryptocurrency Theft
➝ 🇳🇬 🇺🇸 ⚖️ Nigerian hacker arrested for stealing $7.5M from charities
➝ 🇦🇱 📡 Albanian Parliament and One Albania Telecom Hit by Cyber Attacks
➝ 🇺🇸 The FBI is adding more cyber-focused agents to U.S. embassies
➝ 🇺🇸 ⚖️ Former #BreachForums admin to be jailed until Jan. 19 sentencing
➝ 🇺🇸 💰 DOJ Slams #XCast with $10 Million Fine Over Massive Illegal Robocall Operation
➝ 📷 🥸 #Google Contractor Pays Parents $50 to Scan Their Children's Faces
➝ 💰 🥸 Google Settles $5 Billion #Privacy Lawsuit Over Tracking Users in 'Incognito Mode'
➝ 🇨🇳 🗳️ #Taiwan to reveal Chinese election interference after Saturday’s vote
➝ 🦠 💰 #Merck Settles #NotPetya Insurance Claim, Leaving #Cyberwar Definition Unresolved
➝ 🦠 🇰🇵 SpectralBlur: New #macOS Backdoor Threat from North Korean Hackers
➝ 🦠 🐍 3 Malicious #PyPI Packages Found Targeting #Linux with Crypto Miners
➝ 🦠 🎠 New Bandook #RAT Variant Resurfaces, Targeting #Windows Machines
➝ 🦠 🎠 UAC-0050 Group Using New #Phishing Tactics to Distribute Remcos RAT
➝ 🦠 🇺🇦 CERT-UA Uncovers New #Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK
➝ 🔓 🦠 Free Decryptor Released for #BlackBasta Ransomware
➝ 🐛 📨 #SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof #Emails
➝ 🩹 #Ivanti warns critical EPM #bug lets hackers hijack enrolled devices
➝ 🩹 Google Patches Six Vulnerabilities With First #Chrome Update of 2024
➝ 🩹 🐡 Millions still haven’t patched #Terrapin SSH protocol #vulnerability
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
3 months ago I requested a transfer of the tyrian-sphinx-theme project on #PyPI; it is the #Gentoo documentation theme that we lost access to when its author suddenly left the distribution. In all that time there has been no response. And yes, I know that practically all similar requests are stuck.
To avoid similar situations in the future, I also requested the creation of a Gentoo organization. That request has also been waiting for 3 months, without any response whatsoever. Sigh.
The Python ecosystem is great. Keep telling me that distributions shouldn't build their own packages for Python projects.
🚨 PSA: #PyPI is requiring #2FA in 2024 to publish new releases. If you're a developer of #Python packages then you need to enable 2FA in addition to adopting either Trusted Publishers or API tokens before publishing new releases.
📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #46/2023 is out! It includes the following and much more:
➝ 🔓 🇯🇵 #Toyota confirms breach after Medusa #ransomware threatens to leak data
➝ 🇺🇸 😂 Ransomware gang files #SEC complaint over victim’s undisclosed #breach
➝ 🔓 🪶 Attackers claim Plume Design, Inc data breach
➝ 🇺🇸 💰 #ICBC paid ransom after hack that disrupted markets, #cybercriminals say
➝ 🔓 #Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party
➝ 🔓 ✈️ Hackers swipe Booking.com, damage from attack is global
➝ 🇷🇺 🇺🇦 Russian #CyberEspionage Group Deploys #LitterDrifter USB #Worm in Targeted Attacks
➝ 🇮🇱 🇺🇸 Israeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in US
➝ 🇫🇮 ⚖️ Alleged Extortioner of Psychotherapy Patients Faces Trial
➝ 🇺🇸 💸 #LockBit ransomware exploits #CitrixBleed in attacks, 10K servers exposed
➝ 🇺🇸 ⚖️ #IPStorm botnet with 23,000 proxies for malicious traffic dismantled
➝ 👶🏻 🧨 Teens with “digital bazookas” are winning the ransomware war, researcher laments
➝ 💸 #Ethereum feature abused to steal $60 million from 99K victims
➝ 🇩🇰 🇷🇺 #Denmark Hit With Largest #Cyberattack on Record
➝ 🇨🇳 🇰🇭 Chinese Hackers Launch Covert #Espionage Attacks on 24 Cambodian Organizations
➝ 🇲🇾 Major Phishing-as-a-Service Syndicate '#BulletProofLink' Dismantled by Malaysian Authorities
➝ 🇪🇺 🥳 EU Parliament committee rejects mass scanning of private and encrypted communications
➝ 🩹 #ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric
➝ 🦠 🐍 27 Malicious #PyPI Packages with Thousands of Downloads Found Targeting IT Experts
➝ 🇻🇳 🇮🇳 Vietnamese Hackers Using New #Delphi-Powered #Malware to Target Indian Marketers
➝ 🔐 #Google Adds #Passkey Support to New Titan Security Key
➝ 🐛 Zero-Day Flaw in #Zimbra Email Software Exploited by Four Hacker Groups
➝ 🩹 #SAP Patches Critical Vulnerability in Business One Product
➝ 🐛 New #Reptar CPU flaw impacts Intel desktop and server systems
➝ 🐛 New #CacheWarp AMD #CPU attack lets hackers gain root in Linux VMs
📚 This week's recommended reading is: "Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the World" by @marcusjcarey and Jennifer Jin
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️
🐍 Developers can’t seem to stop exposing credentials in publicly accessible code
➥ @arstechnica
「 Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for the Python programming language 」
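The kind of check that catches what the article describes, run on the artifact rather than the repository: scan a source distribution for credential patterns before it is uploaded (or before it is trusted). This is an added example, not GitGuardian's tooling or code from the article; the sdist is built in memory from constructed files, the only "credentials" in it are documented placeholder values, and the three regex rules plus the entropy gate are this example's own choices.

```python
"""Scan an sdist tarball for leaked credentials (added example, constructed data).

Members are read from the archive in memory, never extracted to disk, so a
malicious path in the tar cannot write anywhere. Binary members are skipped.
"""
from __future__ import annotations

import io
import math
import re
import tarfile
from collections import Counter
from dataclasses import dataclass

# (rule name, pattern); group 1 is the secret value.
RULES = [
    ("aws-access-key-id", re.compile(r"\b(AKIA[0-9A-Z]{16})\b")),
    ("github-pat", re.compile(r"\b(ghp_[A-Za-z0-9]{36})\b")),
    # key-ish name, '=' or ':', quoted value of 8+ non-space chars
    ("generic-secret", re.compile(r"(?i)(?:password|secret|api[_-]?key)\w*\s*[=:]\s*[\'\"]([^\'\"\s]{8,})[\'\"]")),
]

# Generic matches below this entropy (bits/char) are treated as placeholders
# such as "changeme". Threshold is an assumption; tune it for your code base.
MIN_ENTROPY = 3.0

# Constructed package contents. The AWS values are AWS's documented example
# credentials, the GitHub token is a made-up string of the right shape.
SAMPLE_FILES = {
    "pkg-1.0/setup.py": b"from setuptools import setup\nsetup(name='pkg', version='1.0')\n",
    "pkg-1.0/pkg/config.py": (
        b'AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"\n'
        b'AWS_SECRET_ACCESS_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"\n'
        b'DEFAULT_PASSWORD = "changeme"\n'
    ),
    "pkg-1.0/.env": b"GITHUB_TOKEN=ghp_0123456789abcdefghijABCDEFGHIJ012345\n",
    "pkg-1.0/pkg/model.bin": b"\x00\x01AKIAIOSFODNN7EXAMPLE\x00",  # binary: skipped
}


@dataclass
class Finding:
    path: str
    line: int
    rule: str
    preview: str   # redacted; the full secret is never stored or printed
    entropy: float


def shannon_entropy(s: str) -> float:
    """Bits per character of the value; random credentials score about 4 or more."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def build_sample_sdist(files=SAMPLE_FILES) -> bytes:
    """Build a .tar.gz in memory from the constructed files."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for path, content in files.items():
            info = tarfile.TarInfo(name=path)
            info.size = len(content)
            tar.addfile(info, io.BytesIO(content))
    return buf.getvalue()


def scan_sdist(data: bytes, min_entropy: float = MIN_ENTROPY) -> list[Finding]:
    findings = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:gz") as tar:
        for member in tar.getmembers():
            if not member.isfile():
                continue
            raw = tar.extractfile(member).read()
            if b"\x00" in raw:
                continue  # binary member; this scanner only reads text
            text = raw.decode("utf-8", errors="replace")
            for lineno, line in enumerate(text.splitlines(), 1):
                for rule, rx in RULES:
                    for m in rx.finditer(line):
                        value = m.group(1)
                        ent = shannon_entropy(value)
                        if rule == "generic-secret" and ent < min_entropy:
                            continue
                        preview = value[:4] + "..." + value[-2:]
                        findings.append(Finding(member.name, lineno, rule, preview, round(ent, 2)))
    return findings


if __name__ == "__main__":
    for f in scan_sdist(build_sample_sdist()):
        print(f"{f.path}:{f.line} {f.rule} {f.preview} (entropy {f.entropy})")
```

The entropy gate is a trade-off: it silences placeholder defaults like `"changeme"`, but a real password chosen to be memorable can score just as low, so treat the gate as noise reduction for the generic rule only and never apply it to the format-specific rules.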