Article: Python Shellcode Injection From JSON Data, (Fri, Dec 10th) - published almost 3 years ago.
Content: My hunting rules detected a nice piece of Python code. It's interesting to see how the code is simple, not deeply obfuscated, and with a very low VT score: 2/56![1]. I see more and more malicious Python code targeting Windows environments. Thanks to the library ctypes[2], Python is able to use any native API calls provided by DLLs.
https://isc.sans.edu/diary/rss/28118
Published: 2021 12 10 08:33:00
Received: 2021 12 10 09:20:39
Feed: SANS Internet Storm Center, InfoCON: green
Source: SANS Internet Storm Center, InfoCON: green
Category: Alerts
Topic: Vulnerabilities