Security News
Windows users under attack via two new RCE zero-daysAttackers are exploiting two new zero-days in the Windows Adobe Type Manager Library to achieve remote code execution on targeted Windows systems. Widely available ICS attack tools lower the barrier for attackersThe general availability of ICS-specific intrusion and attack tools is widening the pool of attackers capable of targeting operational technology networks and industrial control systems.
Scripting attacks are nearly as common as malware-based attacks in the United States and, according to the most recent Crowdstrike Global Threat Report, scripting is the most common attack vector in the EMEA region. Python backdoor scripts are easy to find - a simple GitHub search turns up more than 200.
Tech education firm O'Reilly has released its annual study of how students used its platform in the past year, and its findings deserve attention from tech decision makers. The report, which combines both usage and search data from O'Reilly's online learning platform, paints an excellent picture of what's trending in the tech world.
This week we discuss the IT exec who scammed his employer out of $6m with fake invoices and the death of Python. Peter also shares two of his latest investigations from the ransomware swamp.
Given that Python 2 has been replaced by Python 3 without any interruption, and given that nothing bad happened when Python 1 switched over to Python 2 around the turn of the millennium, why is the "Death" of Python 2 such a big deal now? When Python 2 came along, it was a natural progresion from Python 1, and software written in Python 1 was, essentially, already valid Python 2.
Python developers have once again fallen victim to malicious software libraries lurking in their favourite package manager.
Saturn Cloud, a provider of data science tools, announced it has launched the first-ever commercial offering of Dask, a Python-native parallel computing framework for scalable data science. This...
Threat Stack, the leader in cloud security and compliance for infrastructure and applications, announced Python support for Threat Stack Application Security Monitoring. Included with no...
The utility can identify insecure code in production from third-party packages as well as original code.
With 35 million lines of Python code, the Athena trading platform is at the core of JPMorgan's business operations. A late start to migrating to Python 3 could create a security risk.