Want some good life advice? Don’t blindly trust strangers, and avoid downloading random packages.
That might sound like obvious advice, but a malicious Python Package Index (PyPI) package was downloaded at least 264 times practically overnight after a suspicious user on coding forum Stack Overflow advertised it as a solution to unrelated problems, according to security firm Sonatype.
Sonatype’s Ax Sharma said the malware is called “pytoileur,” mimicking the common shorthand format for various Python tools, and describes itself in metadata and on its HTML webpage description merely as a “cool package” and an “API management tool written in Python.” The account that uploaded the package to PyPI, “PhilipsPY,” has existed only since May 25, with pytoileur its only contribution.
Analysis of the package showed its setup file contained a hidden line executing a base64-encoded payload—which wouldn’t be suspicious in and of itself had the author not tried to hide it, or if the payload wasn’t a malicious executable, Sonatype researcher Jeff Thornhill noted.
Read more here.—TM
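A defender-side check for the pattern described above, added here as an example and not Sonatype's tooling or code from the original article: it statically scans a setup.py source string, without running it, for base64-style decoding, dynamic execution, and code placed after a long run of whitespace. How the line was hidden is not stated above, so the whitespace-padding rule and the names `scan_setup_source`, `SAMPLE` and `CLEAN` are assumptions.

```python
import ast
import re

DECODERS = {"b64decode", "urlsafe_b64decode", "b32decode", "b16decode",
            "a85decode", "b85decode", "decodebytes"}
EXECUTORS = {"exec", "eval", "os.system", "os.popen", "subprocess.run",
             "subprocess.Popen", "subprocess.call", "subprocess.check_output"}
# Assumption: "hidden" means code pushed off-screen by a long whitespace run.
PADDED = re.compile(r"\S[ \t]{40,}\S")

def _dotted(node):
    """Best-effort dotted name of a call target, e.g. 'base64.b64decode'."""
    parts = []
    while isinstance(node, ast.Attribute):
        parts.append(node.attr)
        node = node.value
    if isinstance(node, ast.Name):
        parts.append(node.id)
    return ".".join(reversed(parts))

def _is_decoder(node):
    return (isinstance(node, ast.Call)
            and _dotted(node.func).split(".")[-1] in DECODERS)

def scan_setup_source(src):
    """Return sorted (line, reason) findings for one setup.py source string."""
    findings = set()
    for no, line in enumerate(src.splitlines(), 1):
        if PADDED.search(line):
            findings.add((no, "code after long whitespace run"))
    for node in ast.walk(ast.parse(src)):  # parsed only, never executed
        if not isinstance(node, ast.Call):
            continue
        if _is_decoder(node):
            findings.add((node.lineno, "base64-style decode"))
        if _dotted(node.func) in EXECUTORS:
            feeds = any(_is_decoder(n) for n in ast.walk(node))
            findings.add((node.lineno,
                          "executes decoded data" if feeds else "dynamic execution"))
    return sorted(findings)

# Constructed samples, not the real package: a benign statement hidden past column 150.
SAMPLE = ("from setuptools import setup\nimport base64\n"
          "setup(name='demo', version='0.0.1')" + " " * 150
          + ";exec(base64.b64decode('cGFzcw=='))\n")
CLEAN = "from setuptools import setup\nsetup(name='demo', version='0.0.1')\n"

if __name__ == "__main__":
    for line, reason in scan_setup_source(SAMPLE):
        print(f"setup.py:{line}: {reason}")
```

The whitespace rule is a heuristic and can fire on aligned comments or padded string literals, so treat a hit as a prompt to read the line in full rather than as a verdict.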
Do you work in IT or have information about your IT department you want to share? Email [email protected]. Want to go encrypted? Ask Tom for his Signal.
The Middle East is becoming a new hotspot for Silicon Valley, as tech founders and investors swing by the region to close deals, the Washington Post reported.
“Everyone’s got a stake” in the Middle East’s AI and tech sector, Bob Harward, EVP for international business and strategy at Shield AI—a defense technology company—told IT Brew. “And those who are committed to it, to put [in] the resources—and I’m not just talking financial resources, I’m talking manpower, womanpower, and intellectual rigor and capacity in this—will have an advantage,” he said. “I think this is one of those areas where partnerships are so important. Who are your partners and who are your allies? So, you work together to enhance that capacity.”
Show me the money. Venture capital firm Andreessen Horowitz—which has invested in Facebook, Instagram, GitHub, Okta, and Slack, to name a few—“is in talks to raise $40 billion from Saudi Arabia for a dedicated AI fund,” according to the Post. In April, Microsoft announced an investment in AI firm G42, “which also has an agreement to use AI language models from Sam Altman’s OpenAI,” the outlet said.
Read more here.—AF
If malicious hackers’ claims prove true, an attack against Live Nation Entertainment subsidiary Ticketmaster could lead to very targeted phishing attacks, according to pros who spoke with IT Brew, begging the question:
Could phishers phish Phish fans with phony Phish plans?
- Ticketmaster’s SEC 8-K filing on May 20 revealed that the company “identified unauthorized activity within a third-party cloud database environment containing Company data.”
- The filing also revealed that on May 27, “a criminal threat actor offered what it alleged to be Company user data for sale via the dark web.”
- Cybercrime group ShinyHunters claims to have stolen data from about 560 million Ticketmaster customers, including their full names, addresses, emails, phone numbers, ticket orders, and the last four digits of credit-card numbers, HackRead reported.
It’s already easy for hackers to guess music-related passwords, as IT Brew reported in early 2024.
If ShinyHunters’ claims prove true, however, phishers have a lot to work with—especially knowing a target’s favorite band, Colin Little, security engineer at cybersecurity company Centripetal, told IT Brew.
Keep reading here.—BH
Today’s top IT reads.
Stat: 37%. That’s the proportion of managers who believe their organization conducted layoffs in the last year after RTO mandates didn’t result in enough resignations, according to a new survey. (The Register)
Quote: “What this chamber needs to understand is just how serious this is.”—Councilor Fred Grindrod in a recent audit report, on the failure (and alleged coverup) of a botched Oracle transition that left the Birmingham, UK, city council bankrupt (Computer Weekly)
Read: Mastercard will phase out manual online credit card number entry in favor of tokens by 2030 in Europe. (CNBC)
Copyright © 2024 Morning Brew. All rights reserved.