Several Python Libraries Discovered Stealing AWS Secrets And Keys | Cybernews Channel AWS News

preview_player
Показать описание
Researchers have found many malicious Python programs that are designed to steal environment variables and AWS credentials and send them to a publicly accessible URL in the official third-party software repository.
According to Sonatype security researcher Ax Sharma, the list of packages includes loglib-modules, pygrata, pyg-modules, hkg-sol-utils, and pygrata-utils.
The URL has now been removed, along with the packages. "Some of these packages either contain code that reads and exfiltrates your secrets or use one of the dependencies that will do the job," Sharma said.
Unpleasantly, there are hundreds of endpoints holding this data. Since TXT files were not protected by any authentication measures, anybody with access to the internet could essentially obtain these credentials.
#Python #AWS #Cybersecurity #Cybernews
  1. CSI digital
  2. Python programs
  3. AWS credentials
  4. Poublicly accessible URL
  5. third-party software
  6. third-party
Рекомендации по теме
Several Python Libraries 0:04:29

Several Python Libraries Discovered Stealing AWS Secrets And Keys | Cybernews Channel AWS News

Python Packages Stealing 0:09:44

Python Packages Stealing AWS Keys and Other Credentials

10 Credential Stealing 0:00:19

10 Credential Stealing Python Libraries Found on PyPI Repository

Malicious PyPI Python 0:08:56

Malicious PyPI Python Libraries Caught Stealing Credentials and Installing Shells

11 Malicious PyPI 0:04:02

11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells

Be Aware these 0:09:14

Be Aware these Python Packages are stealing your DATA and AWS keys !! 🤐 Abhijeet Gupta

Hackers can use 0:13:05

Hackers can use python's pip to steal your data!

Python CTX Security 0:11:16

Python CTX Security Vulnerability | Library will steal your environment variables

AWS Credential Stealing 0:11:17

AWS Credential Stealing is Ethical Research!! Python and PHP libraries ctx and PHPass are hijacked.

Malicious Python Imports 0:09:02

Malicious Python Imports | Down The Rabbit Hole (Part 1)

PyPi Python Packages 0:35:22

PyPi Python Packages Caught Sending Stolen AWS Keys to Unsecured Sites: Episode 3

Stealing Ideas from 1:04:41

Stealing Ideas from Python on How to Handle File Paths

if you sleep 0:00:22

if you sleep near your PC... #shorts

The Dark Side 0:04:42

The Dark Side of #python Data Analysis: Uncovering Malicious Library Impersonators

This Man With 0:05:22

This Man With Down Syndrome Approached A Queen’s Guard, And The Soldier’s Response Was Startling

Could 2 People 0:13:59

Could 2 People Actually Repopulate Earth

Python EH: 76 0:22:01

Python EH: 76 | Website Penetration Testing With Python | Stealing Saved Wireless Passwords

Student Finds Hidden 0:18:27

Student Finds Hidden Devices in the College Library - Are they nefarious?

How to HIDE 0:04:27

How to HIDE Your API Keys in Python Projects

Free Hacking Classes 0:00:16

Free Hacking Classes | Best Hacking Guruji #hacking #cybersecurity #hacker #ethicalhacking

This Shouldn't Be 0:00:29

This Shouldn't Be Normalized

SBI EMPLOYEE WHOLE 0:00:23

SBI EMPLOYEE WHOLE DAY |

Python code to 0:00:09

Python code to connect to wifi #coding #programming #wifi #python

Ethical Hacking using 0:20:25

Ethical Hacking using Python | Steal Wi-Fi Passwords in Seconds