Awesome working with Ilia Karelin here! Really appreciate this opportunity. This article is really interesting because you can see how the threat actors anticipated people reaction, and designed their campaign around that.
....when something feels wrong, isolate the machine first, identify the malware second, and rotate credentials third. The cleanup needs the same paranoia as the prevention.... GRATITUDE ❣️....
Awesome working with Ilia Karelin here! Really appreciate this opportunity. This article is really interesting because you can see how the threat actors anticipated people reaction, and designed their campaign around that.
Thank you for sharing your knowledge with us!
Great post guys! The package.json observation hit home. I literally never check lockfiles and I installed quite a few packages on my VPS.
Yeah, these security attacks becoming more and more common unfortunately! There’s a ton to learn in this space!
....when something feels wrong, isolate the machine first, identify the malware second, and rotate credentials third. The cleanup needs the same paranoia as the prevention.... GRATITUDE ❣️....
Is this not another reason to not run anything python-related on any server/container you care about?
Thanks for a great and clear article!
That’s a good question for Toxsec maybe! Python has so many amazing packages that you can work with (I am coming from the data world)! I love Python