python (4)

11147306681?profile=RESIZE_400x

Partial encryption is a growing trend in the world of ransomware, but with it comes the potential for data recovery on affected files.  We’ll give an overview here on what the term “partial encryption” means.  It is perhaps more accurate to say, “intermittent encryption,” but even so, it will be important to understand this recent trend in how many ransomware infections operate.  From there, we’ll introduce White Phoenix, the freely available tool developed by CyberArk which can be used on part

11020228280?profile=RESIZE_400xBy monitoring an open-source ecosystem, the FortiGuard Labs team recently discovered over 60 zero-day attacks embedded in PyPI packages (Python Package Index) between early February and mid-March of 2023.  In this report[1], analysts cover all the packages found, grouping them into similar attacks or behaviors.

 

 

The packages in this set were found to be similar:

  • py-hydraurlstudy (version 2.37)
  • tptoolpywgui (version 10.56)
  • libgetrandram (version 7.78)
  • esqultraultrapong (version 7.37)
  • esqhacke

10777368500?profile=RESIZE_400xSecurity researchers have identified more than 20 malicious PyPI packages designed to steal passwords and other sensitive information from the victims’ machines.   Investigators are warning of two such packages ‘ultrarequests’ and ‘pyquest’ that were masquerading as ‘requests’, a highly popular open source package.  The malicious repositories copied the description from the legitimate package and contained fake statistics.  PyPI as an index which allows users to search for packages by keywords o

An adversary known for targeting the Financial Cyber Sector, at least since 2018, has switched up its tactics to include a new Python-based remote access Trojan (RAT).[1]  This RAT can steal passwords, documents, browser cookies, email credentials, software licenses, and credentials for trading software/platforms, customer credit card information, and proof of address/identity documents, and other sensitive information.   The group is suspected of offering APT style hacker-for-hire services to o