#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News

computer programming | Breaking Cybersecurity News | The Hacker News

Category — computer programming
Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

Mar 02, 2023 Software Security / CodingSec
A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named  colourfool , was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware  Colour-Blind . "The 'Colour-Blind' malware points to the democratization of cybercrime that could lead to an intensified threat landscape, as multiple variants can be spawned from code sourced from others," Kroll researchers Dave Truman and George Glass  said  in a report shared with The Hacker News. colourfool, like  other rogue Python modules  discovered in recent months, conceals its malicious code in the setup script, which points to a ZIP archive payload hosted on Discord. The file contains a Python script (code.py) that comes with different modules designed to log keystrokes, steal cookies, and even disable security software. The malware, besides performing defense ev
An Easier Way to Keep Old Python Code Healthy and Secure

An Easier Way to Keep Old Python Code Healthy and Secure

Jul 22, 2022
Python has its pros and cons, but it's nonetheless used extensively. For example, Python is frequently used in data crunching tasks even when there are more appropriate languages to choose from. Why? Well, Python is relatively easy to learn. Someone with a science background can pick up Python much more quickly than, say, C. However, Python's inherent approachability also creates a couple of problems. Whenever Python is updated, it means a big refactoring workload, which often gets dealt with poorly – or not at all. That leads to poor performance and security vulnerabilities. But maybe there is a better way: a tool to keep your Python tasks running smoothly and securely day in, day out. Let's take a look. It's slow, but it does the job Python isn't the fastest language around, but despite its comparative disadvantages, you'll often see it used for intensive data crunching operations. Think machine learning, computer vision, or even pure math in high-perform
Cyber Story Time: The Boy Who Cried "Secure!"

Cyber Story Time: The Boy Who Cried "Secure!"

Nov 21, 2024Threat Detection / Pentesting
As a relatively new security category, many security operators and executives I've met have asked us "What are these Automated Security Validation (ASV) tools?" We've covered that pretty extensively in the past, so today, instead of covering the " What is ASV?" I wanted to address the " Why ASV?" question. In this article, we'll cover some common use cases and misconceptions of how people misuse and misunderstand ASV tools daily (because that's a lot more fun). To kick things off, there's no place to start like the beginning. Automated security validation tools are designed to provide continuous, real-time assessment of an organization's cybersecurity defenses. These tools are continuous and use exploitation to validate defenses like EDR, NDR, and WAFs. They're more in-depth than vulnerability scanners because they use tactics and techniques that you'll see in manual penetration tests. Vulnerability scanners won't relay hashes or combine vulnerabilities to further attacks, whic
Learn to Code — Get 2021 Master Bundle of 13 Online Courses @ 99% OFF

Learn to Code — Get 2021 Master Bundle of 13 Online Courses @ 99% OFF

Jul 03, 2021
Whether you are looking to turn into a full-time developer or simply increasing your earnings in your current niche, learning to code can be a smart move. It is a well-known fact that recruiters strive to recruit people with technical skills, and these skills are a great way to build your own startup. Featuring 13 courses,  The Master Learn to Code 2021 Certification Bundle  is a great way to get started. This bundle covers a range of popular programming languages and frameworks — and  it's now only $34.99  at The Hacker News Deals. Every large company today makes decisions based on data, whether it is financial or marketing. Moreover, they are able to predict future trends with  sophisticated algorithms  and build computer programs that automate their daily tasks. With over 119 hours of hands-on training provided in this bundle, you will learn to handle all of these projects. The instructions in these video tutorials will set you up with a thorough understanding of Python, JavaScr
cyber security

Creating, Managing and Securing Non-Human Identities

websitePermisoCybersecurity / Identity Security
A new class of identities has emerged alongside traditional human users: non-human identities (NHIs). Permiso Security's new eBook details everything you need to know about managing and securing non-human identities, and strategies to unify identity security without compromising agility.
Get Lifetime Access to 1000+ Premium Online Training Courses for Just $59

Get Lifetime Access to 1000+ Premium Online Training Courses for Just $59

Aug 25, 2020
"In today's knowledge economy, continual learning is an imperative." — Those words from Aytekin Tank, the founder of JotForm, are particularly important for anyone working in IT or development. With over 1,000 premium courses ( complete list ) from top instructors, StackSkills Unlimited provides endless learning opportunities. Right now, you can grab lifetime membership for $59 . Categories of courses include: Animation and 3D Audio Bundles Business Applications CAD Databases Game Design and Development Graphics and Page Layout Internet and Web Design Multimedia and Video Networking and Security Operating Systems Programming, and Project Management Wondering what these courses cover? Here are five top skills: Ethical Hacking and Penetration Testing Finding the weaknesses in software, websites, and networks is an important task. For this reason, white hat hackers are in demand, with top pros earning over $100k a year. StackSkills Unlimite
Linus Torvalds Apologizes For His Rude Behavior—Takes Time Off

Linus Torvalds Apologizes For His Rude Behavior—Takes Time Off

Sep 18, 2018
What just happened would definitely gonna surprise you. Linus Torvalds—father of the Linux open-source operating system—finally admitted his behavior towards other developers in the Linux community was hurting people and Linux. In a surprising move this weekend, Torvalds apologized for insulting and abusing other developers for almost three decades and took a break from the open-source software to work on his behavior. In an email to the Linux Kernel Mailing List (LKML) on Sunday, Torvalds said that he was confronted by people of the Linux community this week about his lifetime of not understanding emotions, and apologized for his personal behavior that has hurt people and possibly has driven some of them away from working in kernel development altogether. Torvalds wrote, "I need to change some of my behavior, and I want to apologize to the people that my personal behavior hurt and possibly drove away from kernel development entirely." "I am going to take
Learn How to Code: Get 10 Best Online Training Courses for Just $49

Learn How to Code: Get 10 Best Online Training Courses for Just $49

May 12, 2017
Struggling to learn how to code? If you're looking to 'learn how to code' and seeking a career as an expert-level programmer, you should know how to play with codes and make your own. It's no secret that mastering a coding language or two can put you at the top of the job market – thanks to the boom in technology. Today, you can elevate your programming skills straight from the Internet to become an actual coder, but getting into a heavy subject like coding involves a lot of time and money. 'Learn to Code' 2017 Bundle: Get 10 Courses in 1 Pack Fortunately for you, this week's THN Deal Store brings the Ultimate Learn to Code 2017 Bundle that gives you access to 10 online training courses in 1 single account at just $49, instead of $1,186. This 95% discount is valid for next few days. The Ultimate Learn to Code 2017 Bundle, comes with lifetime access, offers you professional training courses on Python, Ruby, Java, iOS, HTML, CSS, AngularJS and other programmin
These Top 10 Programming Languages Have Most Vulnerable Apps on the Internet

These Top 10 Programming Languages Have Most Vulnerable Apps on the Internet

Dec 04, 2015
A new research showed that Scripting languages, in general, give birth to more security vulnerabilities in web applications, which raised concerns over potential security bugs in millions of websites. The app security firm Veracode has released its State of Software Security: Focus on Application Development report ( PDF ), analyzing more than 200,000 separate applications from October 1, 2013, through March 31, 2015. The security researchers crawled popular web scripting languages including PHP, Java, JavaScript, Ruby, .NET, C and C++, Microsoft Classic ASP, Android, iOS, and COBOL, scanning hundreds of thousands of applications over the last 18 months. Also Read:  A Step-by-Step Guide — How to Install Free SSL Certificate On Your Website Researchers found that PHP – and less popular Web development languages Classic ASP and ColdFusion – are the riskiest programming languages for the Internet, while Java and .NET are the safest. Here's the Top 10 List:
Twitter Open Sources 'Diffy' that Automatically Catches Potential Bugs in Code

Twitter Open Sources 'Diffy' that Automatically Catches Potential Bugs in Code

Sep 04, 2015
After, Facebook open sourced Thrift Technology ( an internally used tool by Facebook ) in 2007, rival entity Twitter brings Diffy , an internal Twitter service to the world. Yesterday, Twitter introduced " Diffy ," an open source tool, acting as a helping hand for the software developers to catch bugs, test and compare results without writing much code. Diffy plays a vital part in Twitter's development. As a service - Twitter modifies portions of its complex code on a timely basis, and Diffy is packed with such advanced automated techniques that it helps Twitter in its smooth workflow and optimized performance. Diffy simultaneously relieves programmers from writing separate codes to test flaws in the modified code. As, Diffy's minimal setup requirements are adaptable to any kind of environment. Apache Thrift and HTTP-based communication are such elaborate environments where Diffy catches bugs automatically . But, What exactly Diffy is? D
Learn How DuckDuckGo Search Engine helps you to be a Good Programmer

Learn How DuckDuckGo Search Engine helps you to be a Good Programmer

Feb 21, 2014
So you want to be a Programmer? Want to learn - How to code, Debug, and Program? The Web is full of free resources that can turn you into a programmer in no time, but never knew Where to start or How to troubleshoot your programs . Learning How to be a good programmer begins with learning logic concepts and language syntax and Google is a superb search engine, used by the majority of users online for finding information. But most of the time we don't get helping hands ' easily & quickly ' to debug our programs using Google or other Search engines. Learning to program is hard enough, but debugging is a critical skill, actually - it's frustrating ! DuckDuckGo , a private Search Engine that claims it gives complete anonymity to its users, has ' Programming Goodies ' for you and Software Engineers, i.e. provides a large number of programming tips and solutions from the a number of references, for various programming languages. Following are the
Adelaide Hacker Infects 2,370 Computers in Global Cyber Attack

Adelaide Hacker Infects 2,370 Computers in Global Cyber Attack

Dec 02, 2010
An Adelaide hacker infected over 2,000 computers in Australia and overseas with a program designed to capture banking details, a court has heard. Anthony Scott Harrison, 20, learned hacking and programming skills online and launched his attack in 2009. He was caught when suspicious web activity was detected and tracked by federal police. Harrison also modified and sold software, allowing others to infect computers. His actions stemmed from his obsession with the world of cyber fantasy. Harrison pleaded guilty to seven charges, including four counts of modifying computer data to cause harm. Defense counsel John Edwards told the South Australian District Court that from the age of 14, Harrison had become obsessed with online computer games and was "immersed in the world of cyber fantasy." At one point, he played online for up to 15 hours a day, often using a simulated hacking game called Slave Hack. Mr. Edwards explained that Harrison became quite skilled at computer program
Expert Insights / Articles Videos
Cybersecurity Resources