Showing only posts tagged GitHub. Show all posts.

GitHub besieged by millions of malicious repositories in ongoing attack

Source

Enlarge (credit: Getty Images) GitHub is struggling to contain an ongoing attack that’s flooding the site with millions of code repositories. These repositories contain obfuscated malware that steals passwords and cryptocurrency from developer devices, researchers said. The malicious repositories are clones of legitimate ones, making them hard to …

How to query and visualize Macie sensitive data discovery results with Athena and QuickSight

Source

Amazon Macie is a fully managed data security service that uses machine learning and pattern matching to help you discover and protect sensitive data in Amazon Simple Storage Service (Amazon S3). With Macie, you can analyze objects in your S3 buckets to detect occurrences of sensitive data, such as …

10 malicious Python packages exposed in latest repository attack

Source

Enlarge / Supply-chain attacks, like the latest PyPi discovery, insert malicious code into seemingly functional software packages used by developers. They're becoming increasingly common. (credit: Getty Images) Researchers have discovered yet another set of malicious packages in PyPi, the official and most popular repository for Python programs and code libraries …

Fighting Fake EDRs With ‘Credit Ratings’ for Police

Source

When KrebsOnSecurity recently explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media firms and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI …

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Source

Researchers are tracking a number of open-source “ protestware ” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on …

Hackers backdoor PHP source code after breaching internal git server

Source

Enlarge (credit: BeeBright / Getty Images / iStockphoto ) A hacker compromised the server used to distribute the PHP programming language and added a backdoor to source code that would have made websites vulnerable to complete takeover, members of the open source project said. Two updates pushed to the PHP Git server …