It is a while since I have written about the threat actors getting inside software repositories and infecting widely used software packages with malware. Subsequently these packages are then innocently used by web and software developers, infecting their work which is then passed onto the end client, potentially you. The …
Why modern software does not help with the cyber threat
Modern software often offers extra features through the use of code extensions such as using Python or in the case of Microsoft the macro. We all love the extra functionality – threat actors like the way this functionality allows them to slip malicious code through our defences to us. Microsoft …
Continue reading “Why modern software does not help with the cyber threat”
PyPi software repository takes the most basic of security steps…
Having temporarily closed its doors last week to new business, PyPi – a python code repository – is now enforcing the most basic of cyber security precautions – 2FA! PyPI announces mandatory use of 2FA for all software publishers (bleepingcomputer.com) Your takeaway from this is that any essential business service …
Continue reading “PyPi software repository takes the most basic of security steps…”
PyPi. I wrote about code supply chain compromise last week…
…and I am writing about code supply chain compromise again this week. PyPi. PyPi is a well-respected repository of python code – I used it myself whilst at uni – but to try and get to grips with the influx of malicious code it has closed its doors to new …
Continue reading “PyPi. I wrote about code supply chain compromise last week…”
You need excellent anti-virus software but…
It is obvious that every computer – including Macs – need the best anti-virus you can afford and you need to be able check that your team do not turn it off! However the threat actors know you have invested in great anti-virus software so they work to get around …
Continue reading “You need excellent anti-virus software but…”