Security News

Python-based Spy RAT Emerges to Target FinTech
2020-09-03 15:28

The malware's emergence dovetails with a change in the chain of infection and an expansion of infrastructure for the APT. According to researchers at Cybereason, PyVil RAT enables the attackers to exfiltrate data, perform keylogging and take screenshots, and can roll out secondary credential-harvesting tools such as LaZagne. The latest series of campaigns observed by Cybereason that use PyVil RAT are widespread yet targeted, taking aim at FinTech companies across the U.K. and E.U. The attack vector is spear-phishing emails, which use the Know Your Customer regulations as a lure.

Facebook Open Sources Analysis Tool for Python Code
2020-08-11 03:30

Facebook has announced the availability of Pysa, an open-source tool designed for the static analysis of Python code. The security-focused tool relies on Pyre, Facebook's type checker for Python, and allows for the analysis of how data flows through code.

Facebook open-sources a static analyzer for Python code
2020-08-10 12:16

Need a tool to check your Python-based applications for security issues? Facebook has open-sourced Pysa, a tool that looks at how data flows through the code and helps developers prevent data flowing into places it shouldn't. "Pysa tracks flows of data through a program. The user defines sources as well as sinks," Facebook security engineer Graham Bleaney and software engineer Sinan Cepel explained.

Week in review: Python backdoor attacks, Windows zero-days under attack, crowdsourced pentesting
2020-03-29 09:45

Windows users under attack via two new RCE zero-days: Attackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems. Widely available ICS attack tools lower the barrier for attackers: The general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.

Python backdoor attacks and how to prevent them
2020-03-24 06:00

Scripting attacks are nearly as common as malware-based attacks in the United States and, according to the most recent Crowdstrike Global Threat Report, scripting is the most common attack vector in the EMEA region. Python backdoor scripts are easy to find - a simple GitHub search turns up more than 200.

Python, microservices, and more tech trends for 2020, according to O'Reilly
2020-02-18 12:30

Tech education firm O'Reilly has released its annual study of how students used its platform in the past year, and its findings deserve attention from tech decision makers. The report, which combines both usage and search data from O'Reilly's online learning platform, paints an excellent picture of what's trending in the tech world.

S2 Ep22: Word doc stops fraud, bye bye Python 2, latest from the ransomware swamp – Naked Security Podcast
2020-01-09 12:25

This week we discuss the IT exec who scammed his employer out of $6m with fake invoices and the death of Python. Peter also shares two of his latest investigations from the ransomware swamp.

Python is dead. Long live Python!
2020-01-03 14:56

Given that Python 2 has been replaced by Python 3 without any interruption, and given that nothing bad happened when Python 1 switched over to Python 2 around the turn of the millennium, why is the "Death" of Python 2 such a big deal now? When Python 2 came along, it was a natural progression from Python 1, and software written in Python 1 was, essentially, already valid Python 2.

Machine-raiding Python libraries squashed by community
2019-12-05 16:55

Python developers have once again fallen victim to malicious software libraries lurking in their favourite package manager.

Saturn Cloud Dask: A Python-native parallel computing framework for scalable data science
2019-12-03 02:30

Saturn Cloud, a provider of data science tools, announced it has launched the first-ever commercial offering of Dask, a Python-native parallel computing framework for scalable data science. This...