Home

Python packages discovered on the PyPI repository

Following news that threat analysts have discovered ten malicious Python packages on the PyPI repository, used to infect developer's systems with password-stealing malware (10 malicious PyPI packages found stealing developer's credentials (bleepingcomputer.com)), Henning Horst, Chief Technology Officer at comforte AG, explains the risks of password-stealing malware:

Malware is a common tool threat actors use to steal credentials and sensitive information. There is a broad range of malware families out there that do everything from secretly capturing users' movements to locking up systems. Organizations must mitigate such risks through constant backup to ensure data can be restored rapidly if it is locked, and also utilize proven data-centric security to foil the attack itself. If data is neutralized using modern data-centric techniques – such as tokenization or format-preserving encryption - that enable data use and data analytics in the enterprise while protected while restricting access to the minimum live data, attackers will get the equivalent of digital coal, not data gold.

: EXPERTS COMMENTS; Talking Point; Posted On Thursday, 11 August 2022 14:04

KnowBe4 Giving Back and Having Fun Doing It

KnowBe4 celebrates twelfth anniversary with projects to improve the environment

London, UK: Employees of KnowBe4, provider of the world’s largest security awareness training and simulated phishing platform, knew what they wanted for their company’s birthday: less garbage, and more bees. So, to celebrate its twelfth anniversary, the company will donate to clean up 12,000 pounds of garbage from the ocean and will sponsor 12 beehives in Pinellas County, adding somewhere around 400,000 honey bees to the region.

The beehives have become a new tradition for the company; for its eleventh anniversary KnowBe4, located in Clearwater, FL, donated funds to the Pinellas Beekeeper’s Association to purchase and maintain 11 full honeybee hives. (For its tenth anniversary the company had 10,000 trees planted worldwide to mitigate environmental threats.)

: THE EDITORIAL TEAM; Industry News; Posted On Thursday, 11 August 2022 13:59

Endpoint security is ‘non-existent’ at my organisation, say half of respondents to Osirium Technologies poll

59% recognise that controlling endpoints protects data and mitigates human error, but concerns about productivity and user frustration are a barrier

London, UK: Half (49%) of respondents to a recent Twitter poll carried out by Osirium Technologies plc (AIM: OSI), the leading UK-based vendor of Privileged Access Security (PAS) solutions, describe their organisation’s endpoint management security as ‘non-existent’. One in 10 (11%) admit that it’s their lowest priority.

: THE EDITORIAL TEAM; Case Studies; Posted On Thursday, 11 August 2022 13:54

UK shoppers can say goodbye to the wild west Finally a new marketplace for risk free buying and selling

In tough economic times, more and more people are looking to buy second-hand products online. And that’s great in principle: they can save themselves some money, discover tech they couldn’t normally afford – and it’s better for the planet.

But online can be a lawless and risky place. On Black Friday, 1 in 5 of all products listed on all marketplaces were thought to be fraudulent [1]. And eBay alone generates 60 million disputes a year [2].

The mobile phone segment is not immune. It is plagued by fake brands, stolen handsets, and shiny phones bodged together with iffy parts and last-gasp batteries.