• Daily Illinois
  • About
  • Contact
  • Privacy
  • Terms
  • DMCA
  • Sitemap
  • Write For Us
Sunday, February 5, 2023
Daily illinois - USA | News, Sports & Updates Web Magazine
  • Covid-19
  • News
    • All
    • Business
    • Education
    • Politics
    • Sports
    • World
    Incorporate effective visual aids.

    Tips for Making a Custom Presentation 02/01

    A Guide to Quick Loans

    Speedy Solutions: A Guide to Quick Loans

    Benefits of SEN in education

    Benefits of SEN in education — why children need it

    Environmentally Friendly Cryptocurrencies

    The Best Sustanable & Environmentally Friendly Cryptocurrencies 2022

    Build Brand awareness via Organic Social Media

    Build Brand awareness via Organic Social Media

    Digital Marketing Internship Program

    Things To Know Before Joining Digital Marketing Internship Program

    How to save your kids from high school nudity

    How To Save Your Kids From High School Nudity

    Social recruiting for B2B companies

    Social Recruiting for B2B Companies

    Data Protection in the Employment Contract

    Data Protection in the Employment Contract

    motivate colleagues

    How Can You Motivate Colleagues?

  • Science & Tech
    • All
    • Ai - Artificial Intelligence
    • Apps
    • Mobile
    Find Someone Information Using Phone Number

    Ways to Find Someone Information Using Phone Number

    What is the Structure of a Mobile App

    What is the Structure of a Mobile App?

    Limit the Damage in an Emergency

    Logging strategy: Limit the Damage in an Emergency

    Dev Ops Future And Free Platform To Learn

    Dev Ops Future And Free Platform To Learn

    Does discord notify you when you leave a group chat?

    Does discord notify you when you leave a group chat?

    Redirects and Benefits of it

    What Are Redirects And Benefits Of It

    Data Protection Officer Tasks

    Data Protection Officer Tasks

    How to Get a Tinder Refund in Less Than Two Minutes

    How to Get a Tinder Refund in Less Than Two Minutes

    How To Send Pictures on Tinder

    How To Send Pictures on Tinder

    How To Change Age on Tinder

    How To Change Age on Tinder

  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    See a show on Broadway

    Ideas For Your Bucket List In 2023

    CBD DISPOSABLE VAPE PEN 1000MG

    CBD DISPOSABLE VAPE PEN 1000MG

    What Are The Benefits Of Using HWID Spoofer For Valorant

    What Are The Benefits Of Using HWID Spoofer For Valorant?

    Game studios are shelving play-to-earn games

    Game studios are shelving play-to-earn games

    Battle Infinity

    4,400% return! This coin could still increase its price a hundredfold

    Christine Settingsgaard sits in her yard on Wednesday, Sept 14, 2022, in Barrington. Settingsgaard was lured into sophisticated financial scam this summer via a man she met on Hinge, and “lost everything.”

    The case of the vanishing deposit – Chicago Tribune

    NFL Week 4 takeaways – Lessons, big questions for every game

    Live: Miley Cyrus, Def Leppard join Taylor Hawkins tribute

    Live: Miley Cyrus, Def Leppard join Taylor Hawkins tribute

    'Catherine Called Birdy' review: Lena Dunham's instant teen classic

    ‘Catherine Called Birdy’ review: Lena Dunham’s instant teen classic

    Home Depot Skeleton Alternatives

    Home Depot Skeleton Alternatives

    • F95zone
  • Lifestyle
    • All
    • Fashion
    • Food
    • Travel
    Can I wear a white shirt with grey dress pants?

    Can You Wear a White Shirt with Grey Pants?

    New Trendy Bodysuit Outfit Ideas 2023

    New Trendy Bodysuit Outfit Ideas 2023

    How Do You Style A Simple Top

    How Do You Style Your Simple Tops?

    Great Ocean Road

    6 Things you can Experience along the Great Ocean Road

    So You Want to Be a Chef Here’s What You Need to Know

    So You Want to Be a Chef? Here’s What You Need to Know

    waterdrop reverse osmosis water filter

    Your Comprehensive Guide To The Tankless Reverse Osmosis System

    Best vegan gift ideas for every budget

    Best vegan gift ideas for every budget

    Things You Should Consider When Traveling

    Things You Should Consider When Traveling

    The complete guide for buying Water Purifiers

    The complete guide for buying Water Purifiers

    The Most Techy Smartwatches in 2022

    The Most Techy Smartwatches in 2022

33 °f
Chicago
35 ° Sat
35 ° Sun
35 ° Mon
37 ° Tue
No Result
View All Result
Daily illinois - USA | News, Sports & Updates Web Magazine
  • Covid-19
  • News
    • All
    • Business
    • Education
    • Politics
    • Sports
    • World
    Incorporate effective visual aids.

    Tips for Making a Custom Presentation 02/01

    A Guide to Quick Loans

    Speedy Solutions: A Guide to Quick Loans

    Benefits of SEN in education

    Benefits of SEN in education — why children need it

    Environmentally Friendly Cryptocurrencies

    The Best Sustanable & Environmentally Friendly Cryptocurrencies 2022

    Build Brand awareness via Organic Social Media

    Build Brand awareness via Organic Social Media

    Digital Marketing Internship Program

    Things To Know Before Joining Digital Marketing Internship Program

    How to save your kids from high school nudity

    How To Save Your Kids From High School Nudity

    Social recruiting for B2B companies

    Social Recruiting for B2B Companies

    Data Protection in the Employment Contract

    Data Protection in the Employment Contract

    motivate colleagues

    How Can You Motivate Colleagues?

  • Science & Tech
    • All
    • Ai - Artificial Intelligence
    • Apps
    • Mobile
    Find Someone Information Using Phone Number

    Ways to Find Someone Information Using Phone Number

    What is the Structure of a Mobile App

    What is the Structure of a Mobile App?

    Limit the Damage in an Emergency

    Logging strategy: Limit the Damage in an Emergency

    Dev Ops Future And Free Platform To Learn

    Dev Ops Future And Free Platform To Learn

    Does discord notify you when you leave a group chat?

    Does discord notify you when you leave a group chat?

    Redirects and Benefits of it

    What Are Redirects And Benefits Of It

    Data Protection Officer Tasks

    Data Protection Officer Tasks

    How to Get a Tinder Refund in Less Than Two Minutes

    How to Get a Tinder Refund in Less Than Two Minutes

    How To Send Pictures on Tinder

    How To Send Pictures on Tinder

    How To Change Age on Tinder

    How To Change Age on Tinder

  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    See a show on Broadway

    Ideas For Your Bucket List In 2023

    CBD DISPOSABLE VAPE PEN 1000MG

    CBD DISPOSABLE VAPE PEN 1000MG

    What Are The Benefits Of Using HWID Spoofer For Valorant

    What Are The Benefits Of Using HWID Spoofer For Valorant?

    Game studios are shelving play-to-earn games

    Game studios are shelving play-to-earn games

    Battle Infinity

    4,400% return! This coin could still increase its price a hundredfold

    Christine Settingsgaard sits in her yard on Wednesday, Sept 14, 2022, in Barrington. Settingsgaard was lured into sophisticated financial scam this summer via a man she met on Hinge, and “lost everything.”

    The case of the vanishing deposit – Chicago Tribune

    NFL Week 4 takeaways – Lessons, big questions for every game

    Live: Miley Cyrus, Def Leppard join Taylor Hawkins tribute

    Live: Miley Cyrus, Def Leppard join Taylor Hawkins tribute

    'Catherine Called Birdy' review: Lena Dunham's instant teen classic

    ‘Catherine Called Birdy’ review: Lena Dunham’s instant teen classic

    Home Depot Skeleton Alternatives

    Home Depot Skeleton Alternatives

    • F95zone
  • Lifestyle
    • All
    • Fashion
    • Food
    • Travel
    Can I wear a white shirt with grey dress pants?

    Can You Wear a White Shirt with Grey Pants?

    New Trendy Bodysuit Outfit Ideas 2023

    New Trendy Bodysuit Outfit Ideas 2023

    How Do You Style A Simple Top

    How Do You Style Your Simple Tops?

    Great Ocean Road

    6 Things you can Experience along the Great Ocean Road

    So You Want to Be a Chef Here’s What You Need to Know

    So You Want to Be a Chef? Here’s What You Need to Know

    waterdrop reverse osmosis water filter

    Your Comprehensive Guide To The Tankless Reverse Osmosis System

    Best vegan gift ideas for every budget

    Best vegan gift ideas for every budget

    Things You Should Consider When Traveling

    Things You Should Consider When Traveling

    The complete guide for buying Water Purifiers

    The complete guide for buying Water Purifiers

    The Most Techy Smartwatches in 2022

    The Most Techy Smartwatches in 2022

33 °f
Chicago
35 ° Sat
35 ° Sun
35 ° Mon
37 ° Tue
No Result
View All Result
Daily illinois - USA | News, Sports & Updates Web Magazine
No Result
View All Result
Home Science & Tech

Actors behind PyPI supply chain attack have been active since late 2021

by Staff Writer
December 5, 2022
in Science & Tech
Reading Time: 2 mins read
0
Hackers are exploiting a server vulnerability with a severity of 9.8 out of 10
492
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

The official software repository for the Python language, Python Package Index (PyPI), has been targeted in a complex supply chain attack that appears to have successfully poisoned at least two legitimate projects with credential-stealing malware, researchers said on Thursday.

PyPI officials said last week that project contributors were under a phishing attack that attempted to trick them into divulging their account login credentials. When successful, the phishers used the compromised credentials to publish malware that posed as the latest release for legitimate projects associated with the account. PyPI quickly took down the compromised updates and urged all contributors to use phishing-resistant forms of two-factor authentication to protect their accounts better.

Related posts

Find Someone Information Using Phone Number

Ways to Find Someone Information Using Phone Number

February 3, 2023
What is the Structure of a Mobile App

What is the Structure of a Mobile App?

January 24, 2023

Today we received reports of a phishing campaign targeting PyPI users. This is the first known phishing attack against PyPI.

We’re publishing the details here to raise awareness of what is likely an ongoing threat.

— Python Package Index (@pypi) August 24, 2022

On Thursday, researchers from security firms SentinelOne and Checkmarx said that the supply chain attacks were part of a larger campaign by a group that has been active since at least late last year to spread credential-stealing malware the researchers are dubbing JuiceStealer. Initially, JuiceStealer was spread through a technique known as typosquatting, in which the threat actors seeded PyPI with hundreds of packages that closely resembled the names of well-established ones, in the hopes that some users would accidentally install them.

Advertisement

JuiceStealer was discovered on VirusTotal in February when someone, possibly the threat actor, submitted a Python app that surreptitiously installed the malware. JuiceStealer is developed using the .Net programming framework. It searches for passwords stored by Google Chrome. Based on information gleaned from the code, the researchers have linked the malware to activity that began in late 2021 and has evolved since then. One likely connection is to Nowblox, a scam website that purported to offer free Robux, the online currency for the game Roblox.

Over time, the threat actor, which the researchers are calling JuiceLedger, started using crypto-themed fraudulent applications such as the Tesla Trading bot, which was delivered in zip files accompanying additional legitimate software.

“JuiceLedger appears to have evolved very quickly from opportunistic, small-scale infections only a few months ago to conducting a supply chain attack on a major software distributor,” the researchers wrote in a post. “The escalation in complexity in the attack on PyPI contributors, involving a targeted phishing campaign, hundreds of typosquatted packages and account takeovers of trusted developers, indicates that the threat actor has time and resources at their disposal.”

PyPI has begun offering contributors free hardware-based keys for use in providing a second, unphishable factor of authentication. All contributors should switch to this stronger form of 2FA immediately. People downloading packages from PyPI—or any other open source repository—should take extra care to ensure the software they’re downloading is legitimate.

Source by arstechnica.com

Related

Share197Tweet123Share49
Previous Post

Eliza Fletcher, a Teacher and the Granddaughter of a Billionaire, Has Been Abducted

Next Post

The Fiery Godmother Who Avenged Her Husband With 29 Bullets

Next Post
The Fiery Godmother Who Avenged Her Husband With 29 Bullets

The Fiery Godmother Who Avenged Her Husband With 29 Bullets

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Latest News - Daily illinois

Can I wear a white shirt with grey dress pants?

Can You Wear a White Shirt with Grey Pants?

February 3, 2023
Find Someone Information Using Phone Number

Ways to Find Someone Information Using Phone Number

February 3, 2023
Incorporate effective visual aids.

Tips for Making a Custom Presentation 02/01

February 2, 2023
New Trendy Bodysuit Outfit Ideas 2023

New Trendy Bodysuit Outfit Ideas 2023

January 31, 2023
A Guide to Quick Loans

Speedy Solutions: A Guide to Quick Loans

January 31, 2023
What is the Structure of a Mobile App

What is the Structure of a Mobile App?

January 24, 2023
Benefits of SEN in education

Benefits of SEN in education — why children need it

January 19, 2023
How Do You Style A Simple Top

How Do You Style Your Simple Tops?

December 28, 2022
Daily illinois - USA | News, Sports & Updates Web Magazine

Copyright © 2020 Dailyillinois.com.

Navigate Site

  • Daily Illinois
  • About
  • Contact
  • Privacy
  • Terms
  • DMCA
  • Sitemap
  • Write For Us

Follow Us

No Result
View All Result
  • About Us Page
  • Contact
  • Daily illinois
  • DMCA Policy
  • Privacy Policy
  • Submit, Guest Post, Write For Us and Become a Contributor
  • Terms of Use

Copyright © 2020 Dailyillinois.com.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.