How to Easily Identify Conda Vulnerabilities Using Sonatype Jake

Vulnerabilities in our Python environments are really irritating. They slow us down, are difficult to identify, and can delay the development process. What makes them more frustrating is that most of these ...
WhiteSource Python

WhiteSource Adds Python Support to Vulnerability Discovery Tool

WhiteSource today announced it has extended to reach of its tool for scanning for vulnerabilities in open source application code to include support for the Python programming language. Jeffrey Martin, director of ...
Security Boulevard
t2 / 2016 -  Learning the wrong lessons from Offense (Haroon Meer)

Evolving Threat series — Infiltrating Python’s Software Supply Chain

Evolving Threat series — Infiltrating Python’s Software Supply ChainZDNet published this interesting post 2 days ago titled “Two malicious Python libraries caught stealing SSH and GPG keys” which sets stage to what is coming ...

Proxy a Conda Repository Using Nexus Repo

We’ve supported Python developers for a number of years now. With the most recent Nexus Repository release, we are extending our reach with the official coverage of Conda in Nexus Repository Manager ...
🤷🏻‍♀️

Polyglot FizzBuzz in R (Plus: “Why Can’t Johnny Code?”)

| | C++, Javascript, python, R
I caught this post on the The Surprising Number Of Programmers Who Can’t Program from the Hacker News RSS feed. Said post links to another, classic post on the same subject and ...
Decrypting L0rdix RAT’s C2

Decrypting L0rdix RAT’s C2

In my previous blog post on L0rdix RAT, I took a look at its panel and builder components that have been circulating through underground forums recently. I identified a key as part ...
EH-Net Book Review - Linux Basics for Hackers

Book Review – Linux Basics for Hackers

With countless job openings and growth with no end in sight, InfoSec is the place to be. Many pose the question, “Where do I start?” Over his years of training hackers and ...
EH-Net - Daw - Ease Me Into Cryptography Part 3: Asymmetric Ciphers - Asymmetric Cyphers

Ease Me Into Cryptography Part 3: Asymmetric Ciphers

| | /root, cipher, Crypto, daw, highlight, python, Tutorial
Welcome to Part 3! A quick recap of where we’ve been. In Part 1: Buzzwords and Hash Function we talked about some foundational cryptography vocab and were introduced to hash functions, how ...
Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attack CVE pending

Scapy-sploit: Python Network Tool is Vulnerable to Denial of Service (DoS) Attack CVE pending

We recently discovered that the latest version of Scapy, a powerful packet manipulation tool used by cybersecurity researchers and network engineers, is susceptible to a Denial of Service (DoS) vulnerability. Ironically, we ...
EH-Net - Bango - From Dev to InfoSec Part 4: Buffer Overflows Made My Brain Hurt - Arnold!

From Dev to InfoSec Part 4: Buffer Overflows Made My Brain Hurt

While I’ve written a lot of code in my time, I don’t think I’ve ever firmly appreciated how complex it can be to write secure code. We go about our lives taking ...