PyPI's 2FA Requirements Don't Go Far Enough, Researchers Say
The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software supply chain will take more than that.
Research examines attack methods, defenses, and vulnerabilities, helping security teams understand risks and improve protection.
Search across headline titles and summaries.
Background for this topic.
Research is the systematic study of technologies, systems, attack methods, vulnerabilities, and defensive techniques to establish evidence and produce new findings. In information security, it includes work such as discovering flaws in software or protocols, analyzing malware and attacker behavior, testing cryptographic designs, and evaluating security controls. News under this tag may describe a proof of concept, a measurement study, or a proposed technique rather than a confirmed real-world attack.
For practitioners, research can change how risks are prioritized and mitigated. A demonstrated vulnerability may require vulnerability-management teams to verify affected assets, apply fixes, or add compensating controls; responsible disclosure gives developers time to assess and remediate before technical details enable exploitation. Research involving live systems, personal data, or offensive tooling also raises privacy, authorization, dual-use, and ethical concerns. Sound findings should state their assumptions, scope, limitations, and reproducibility, since laboratory results do not automatically show that an attack is practical in every environment.
The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software supply chain will take more than that.
State-sponsored North Korean hacker group Kimsuky (a.ka. APT43) has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think tanks, research centers, academic institutions, and various media organizations. [...]
It's a backdoor, Jim, but not as we know it... here's a sober look at this issue.
Oh cool, something else to scan for Researchers recently uncovered the following novel attack on the Python Package Index (PyPI).…
Time to MOVEit, MOVEit. We don't like to MOVEit, MOVEit Security researchers and the US government have sounded the alarm on a flaw in Progress Software's MOVEit Transfer that criminals have been "mass exploiting" for at least a month to break into IT environments and steal data.…
No activity logging in the free subscription for Google's Web-based productivity suite exposes enterprises to insider and other threats, researchers say.
Cybersecurity researchers have unmasked the identity of one of the individuals who is believed to be associated with the e-crime actor known as XE Group
Researchers have discovered a novel attack on the Python Package Index (PyPI) repository that employs compiled Python code to sidestep detection by application security tools
Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored actor known as ScarCruft
Researchers have observed several cyberattacks leveraging a botnet called IZ1H9, which exploits vulnerabilities in exposed devices and servers running on Linux.
Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format
Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic
A database for the notorious RaidForums hacking forums has been leaked online, allowing threat actors and security researchers insight into the people who frequented the forum. [...]
Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication and seize control of the devices
Unit 42 researchers observed that a wave of malicious campaigns, all deployed by the same threat actor, have been using IZ1H9 since November 2021