CSOonline

Attackers use Python compiled bytecode to evade detection

Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software. Attackers who are targeting open-source package repositories like ...
GitHub

Providence is a system for code commit & bug system monitoring. It is deployed within an organization to monitor code commits for security (or other) concerns, via customizable ...

Build plugin to run a something everytime a commit happens Empire contains some useful tools for credential management Find our slides from our AppSec presentation here For OSX users, you may have ...
GitHub

python_exe_unpack.py

from assemblyline_v4_service.common.result import Result, ResultSection, BODY_FORMAT def decompile_pyc(dir_decompiled, pyc_files, output_file=None): return uncompyle6 ...
WeLiveSecurity

Bandidos at large: A spying campaign in Latin America

In 2021 we detected an ongoing campaign targeting corporate networks in Spanish-speaking countries, with 90% of the detections in Venezuela. When comparing the malware used in this campaign with what ...