(Security Matters Even More)
I could write a long piece about the ins and outs of these, but really my heart’s not in it — I’ve written about this more than often enough in the past and there’s really no more to be said on the matter than that you should take all the precautions you can.
So, read these.
Read any (all) BTL user/reader comments (if any).
Not all of them (e.g. SolarWinds) still merit a ‘Red Alert’ response from you now, but I’ve listed them because they are nevertheless recent examples of the state of play and why you need to keep your eye on the ball at all times — the nearer to the top of the list, the more immediately relevant the matters discussed in the article.
HTML smuggling is the latest cybercrime tactic you need to worry about
It will be hard to catch these smugglers, as they're abusing an essential element of web browsers that allow them to…
Several Malicious Typosquatted Python Libraries Found On PyPI Repository
Researchers discover malicious Python libraries in the PyPI Repository aimed at stealing credit cards and injecting…
With help from Google, impersonated Brave.com website pushes malware
Scammers have been caught using a clever sleight of hand to impersonate the website for the Brave browser and using it…
Software downloaded 30,000 times from PyPI ransacked developers' machines
Open source packages downloaded an estimated 30,000 times from the PyPI open source repository contained malicious code…
About half of Python libraries in PyPI may have security issues, boffins say
Boffins in Finland have scanned the open-source software libraries in the Python Package Index, better known as PyPI…
How to Mitigate Microsoft Windows 10, 11 SeriousSAM Vulnerability
Microsoft Windows 10 and Windows 11 users are at risk of a new unpatched vulnerability that was recently disclosed…
Microsoft Warns of LemonDuck Malware Targeting Windows and Linux Systems
A notorious cross-platform crypto-mining malware has refined and improved its techniques to attack Windows and Linux…
Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs
Hackers Exploit Microsoft IE Browser Bug to Infect Targeted Computers with VBA Malware
Sysadmins: Why not simply verify there's no backdoor in every program you install, and thus avoid…
Half of publicly reported supply chain attacks were carried out by "well known APT groups", according to an analysis by…
We're not saying this is how SolarWinds was backdoored, but its FTP password 'leaked on GitHub in…
Updated SolarWinds, the maker of the Orion network management software that was subverted to distribute backdoored…
US Treasury, Dept of Commerce hacks linked to SolarWinds IT monitoring software supply-chain attack
Updated SolarWinds' Orion IT monitoring platform has been compromised, and speculation is swirling it was used as a…
JetBrains' build automation software eyed as possible enabler of SolarWinds hack
The SolarWinds security breach disclosed last month, which US authorities believe was of Russian origin and led to the…
SolarWinds backdoor gang pwns Microsoft support agent to turn sights on customers
In brief The SolarWinds backdoor gang last month infiltrated Microsoft's support desk via a phishing attack to obtain…
Backdoored SolarWinds software, linked to US govt hacks, in wide use throughout the British public…
Concern is gathering over the effects of the backdoor inserted into SolarWinds' network monitoring software on…
Also … don’t forget the phenomenon of bitsquatting
Bitflips when PCs try to reach windows.com: What could possibly go wrong?
Bitflips are events that cause individual bits stored in an electronic device to flip, turning a 0 to a 1 or vice…
It hasn’t been shown to be a widespread threat yet, but that doesn’t mean it never will be ¹ … if there’s money to be made from it, people will try it … and it arises from the fact that computers can make mistakes even when the user doesn’t and there are no software bugs (as if, but nevertheless): a single bit flipping in memory after you have typed the address correctly can turn it into a different, equally valid one, so you can end up at a site other than the one you were looking for as a result of overheating, system uptime, manufacturing defects … even cosmic rays:
Why Bitsquatting Attacks Are Here to Stay
Typos have a long history, by turns serious and silly, going back to the dawn of the printed page. But thanks to the…
You may not even notice:
Phishing with 'punycode' - when foreign letters spell English words
The curiously-named system known as punycode is a way of converting words that can't be written in ASCII, such as the Ancient…
… not least because there’s no guarantee that the bit flipped will necessarily result in a printing character either (there are non-printing characters too ² ).
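Two of the points above (a flipped bit turning one hostname into another, and characters you cannot see or cannot tell apart) are easy to make concrete. What follows is an added example, not code from this post or from any of the linked articles: it enumerates every single-bit-flip variant of a sample hostname and buckets each result as a registrable name, a printable-but-invalid one, a non-printing byte, or a non-ASCII byte, and then runs two constructed look-alike names through Python's built-in idna codec. The hostnames are constructed samples, the label/TLD split on the last dot is a simplification, and the idna codec implements IDNA 2003, so real resolvers, registrars and browsers may treat the edge cases differently.

```python
"""Added example (not from the original post): what one flipped bit does to a
hostname, and how invisible or look-alike characters fare at the DNS layer.

Assumptions: sample hostnames are constructed; the label/TLD split is naive
(last dot); IDNA mapping is Python's 'idna' codec (IDNA 2003), which resolvers,
registrars and browsers do not necessarily match exactly.
"""
from typing import Dict, List, Tuple
import unicodedata

# LDH rule: a hostname label may contain only letters, digits and hyphen.
LDH = set("abcdefghijklmnopqrstuvwxyz0123456789-")


def _classify(label: str, variant: str, code: int) -> str:
    """Bucket one bit-flipped variant of `label` (code = the flipped byte)."""
    if variant.lower() == label:
        return "case-only"        # DNS is case-insensitive: same name, no squat
    if code >= 0x80:
        return "non-ascii"        # bit 7 set: not a valid hostname byte at all
    if code < 0x20 or code == 0x7F:
        return "non-printing"     # control character: nothing to see on screen
    if (all(c in LDH for c in variant)
            and not variant.startswith("-") and not variant.endswith("-")):
        return "registrable"      # a different, perfectly valid label someone could buy
    return "printable-invalid"    # e.g. '~', '$', '/' or '.' (which would split the label)


def bitsquats(domain: str) -> Dict[str, List[str]]:
    """Flip every bit of every byte of the registrable label of `domain`
    (sample: 'windows.com' -> label 'windows', tld 'com') and bucket the
    8 * len(label) results by what kind of name they produce."""
    label, tld = domain.lower().rsplit(".", 1)
    out: Dict[str, List[str]] = {}
    for i, ch in enumerate(label):
        for bit in range(8):
            code = ord(ch) ^ (1 << bit)
            variant = label[:i] + chr(code) + label[i + 1:]
            out.setdefault(_classify(label, variant, code), []).append(f"{variant}.{tld}")
    return {k: sorted(v) for k, v in out.items()}


def idna_ascii(domain: str) -> str:
    """The name as it goes on the wire after IDNA (nameprep + punycode) processing."""
    return domain.encode("idna").decode("ascii")


def non_ascii_report(domain: str) -> List[Tuple[str, str, str]]:
    """Every non-ASCII character with its code point and Unicode name, so a
    Cyrillic 'а' or a ZERO WIDTH SPACE the eye cannot see still shows up."""
    return [(c, f"U+{ord(c):04X}", unicodedata.name(c, "<unnamed>"))
            for c in domain if ord(c) > 0x7F]


if __name__ == "__main__":
    for bucket, names in bitsquats("windows.com").items():
        print(f"{bucket:18} {len(names):3}  {' '.join(names[:6])}")
    # Constructed look-alike: Cyrillic U+0430 in place of Latin 'a'.
    fake = "\u0430mazon.com"
    print(fake, "->", idna_ascii(fake), non_ascii_report(fake))
    # Constructed: a zero-width space hidden inside an ordinary name.
    zwsp = "exam\u200bple.com"
    print(repr(zwsp), "->", idna_ascii(zwsp), non_ascii_report(zwsp))
```

Run it with `python3` and it reports that the sample `windows.com` has 32 single-bit-flip neighbours that are valid LDH labels (plus 7 that are merely the same name in a different case, which DNS ignores), and that of the remaining flips 3 land on a control character and 7 on a non-ASCII byte. The second half shows the Cyrillic `а` becoming an `xn--` label while the zero-width space is mapped to nothing by the IDNA 2003 nameprep step; whether an invisible character survives or is silently dropped therefore depends on which IDNA profile each piece of software in the path applies, which is worth checking for anything that validates or registers names on your behalf.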
So … along with all the usual caveats about visiting random websites, clicking on random links, downloading random software, trojan horses, etc. … you should now appreciate these all the more …
1. The update post
2. The original
Because you don’t need to rely on a compromised Python library or web framework yourself to get owned: you just need to browse to a site that makes use of something that makes use of something that makes use of something that makes use of something … that does. So stop searching for sites in search engines and clicking the first link that appears; enter the address directly in the URL/URI/address bar (that’s what it’s for!) ³.
And, remember, the need to pay attention and be careful is not limited to desktop/laptop devices … this all applies to mobile too.
¹ “A 2011 Black Hat paper detailed an analysis where eight legitimate domains were targeted with thirty one bitsquat domains. Over the course of one day, 3,434 requests were made to bitsquat domains” (Wikipedia).
² I format my posts with a non-printing space, for instance …
… which could potentially be registered as valid sites by automated domain registration systems — a series of bits is a series of bits and the software sees them even when the eye can’t.
³ Seriously, it takes no more effort to type amazon.com in there than it does in the search box on DuckDuckGo, Startpage or wherever (you aren’t dimwitted enough to use Google, so there’s no need to worry about that one). In fact, you’ll go straight to the site instead of having to click on the link afterwards, so it’s quicker and less effort as well as safer (you haven’t been doing yourself any favours by being lazy up until now, just making more work for yourself).