Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Friday Flows Episode 12: From Code to Clicks

Nov 6, 2023 By Tines In Tines
On this Friday Flows Jesse Strivelli shares a side-by-side comparison of an automation written in Python & built in Tines. The workflow is around triaging alerts for an eCommerce business. The goal is to ingest the alert, enrich & get further analysis, and take action if there's a high-risk score. Jesse has been a software developer at Fortune 100 organizations for most of his career. And while coding remains near & dear to his heart, he shares how building in Tines now saves him time & headaches.
View Video
netskope

New Python NodeStealer Goes Beyond Facebook Credentials, Now Stealing All Browser Cookies and Login Credentials

Sep 14, 2023 By Jan Michael In Netskope

Netskope Threat Labs is tracking a campaign that uses malicious Python scripts to steal Facebook users’ credentials and browser data. This campaign targets Facebook business accounts with bogus Facebook messages with a malicious file attached. The attacks are reaching victims mainly in Southern Europe and North America across different segments, led by the manufacturing services and technology sectors.

Read Post
Snyk

Finding and fixing insecure direct object references in Python

Jul 19, 2023 By Keshav Malik In Snyk

An insecure direct object reference (IDOR) is a security vulnerability that occurs when a system’s implementation allows attackers to directly access and manipulate sensitive objects or resources without authorization checks. For example, an IDOR can arise when an application provides direct access to objects based on user-supplied input, allowing an attacker to bypass authorization.

Read Post
outpost 24

Everything you need to know about the LummaC2 stealer: Leveraging IDA Python and Unicorn to deobfuscate Windows API Hashing

Apr 5, 2023 By Alberto Marín In Outpost 24

In this blog post, the KrakenLabs team will take a deep dive into a malware sample classified as LummaC2, an information stealer written in C language that has been sold in underground forums since December 2022. We assess LummaC2’s primary workflow, its different obfuscation techniques (like Windows API hashing and encoded strings) and how to overcome them to effectively analyze the malware with ease.

Read Post

Store & manage secrets like API keys in Python - Tech Tip Tuesdays

Mar 14, 2023 By GitGuardian In GitGuardian
In this video, we explore how to securely manage secrets like API keys, passwords, credential pairs, and other sensitive information in python. We run through the basics of using environment variables and move onto more advanced senarios such as managing different secrets for multiple environments.
View Video
CrowdStrike

How to Ingest Data into Falcon LogScale Using Python

Feb 23, 2023 By Wil How In CrowdStrike

This post covers how to ingest data into CrowdStrike Falcon® LogScale from your MacOS platform using Python. This guide is great for setting up a one-node proof of concept (POC) so you can take advantage of LogScale’s free trial. Before you can write your ingest client, you must prepare a good foundation. That means preparing your MacOS instance via the following steps: Ready? Let’s get started.

Read Post
Snyk

The dangers of setattr: Avoiding Mass Assignment vulnerabilities in Python

Feb 15, 2023 By Jack Hair In Snyk

Mass assignment, also known as autobinding or object injection, is a category of vulnerabilities that occur when user input is bound to variables or objects within a program. Mass assignment vulnerabilities are often the result of an attacker adding unexpected fields to an object to manipulate the logic of a program.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.