overview for expertmadman

23

Researchers Uncover npm Package Delivering RAT Via Microsoft Executable (blog.phylum.io)

submitted 8 months ago by expertmadman@sh.itjust.works to c/cybersecurity@sh.itjust.works

1 comments fedilink

11

Malicious Nuget Packages Found Delivering SeroXen RAT (blog.phylum.io)

submitted 11 months ago by expertmadman@sh.itjust.works to c/cybersecurity@sh.itjust.works

0 comments fedilink

Proc macro sandboxing by expertmadman in c/programmerhumor@lemmy.ml

[-] expertmadman@sh.itjust.works 24 points 1 year ago

we’re working on a third party solution for this. Should have some updates that sandbox cargo builds shortly.

https://github.com/phylum-dev/birdcage

It’s a cross-platform sandbox that works on Linux via Landlock and macOS via Seatbelt. We’ve rolled this into our CLI (https://github.com/phylum-dev/cli) so you can do thinks like:

phylum

For example for npm, which currently uses the sandbox:

phylum npm install

We’re adding this to cargo to similarly sandbox crate installations. Would love feedback and thoughts on our sandbox!

Sophisticated, Highly-Targeted Attacks Continue to Plague npm by expertmadman in c/cybersecurity@sh.itjust.works

[-] expertmadman@sh.itjust.works 5 points 1 year ago

https://blog.phylum.io/sophisticated-highly-targeted-attacks-continue-to-plague-npm/

tl;dr several packages were recently published to npm that appear to be subtle command and control. Behaviors of the infrastructure seem to mimic those recently identified by Phylum as being nation state activity from North Korea.