GitHub is an useful development and versioning environment – part of it’s growth was to acquire another similar service NPM – a software depository. The software depository is now under possible attack from the simple of threat actors offering malicious packages with names that are just slightly different from the …
A specific but large target – but what does it do?
Targeting Chinese speaking people gives you a lot of potential targets but the researcher at SANS was unsure what this malicious does. Malicious Python Script Targeting Chinese People – SANS Internet Storm Center
Hackers reuse code as well
It is a classic move of any developer to reuse code – actually it is a professional move to reuse code that you know works. So it is no surprise that hackers take professional steps to ensure their malware attacks work. Even taking legitimate code from GitHub. Code Reuse In …
A malicious script that only one AV package detected!
SANS Internet Storm is reporting on a simple, non-obfuscated batch file script that evaded detection. A Simple Batch File That Blocks People – SANS Internet Storm Centre