Malicious Python Libraries Discovered on PyPI, Offensive Security Launches the Kali NetHunter App Store, IBM Livestreaming a Panel with Original Apollo 11 Technicians Today, Azul Systems Announces OpenJSSE and Krita 4.2.3 Released

News briefs for July 17, 2019.

Malicious Python libraries have been found on the official Python
Package Index (PyPI), which contain a hidden backdoor that would
activate when installed on Linux systems. According to ZDNet,
the three packages are named libpeshnx, libpesh and libari, and they
“were authored by the same user (named ruri12) and had been available
for download from PyPI for almost 20 months, since November 2017,
before the packages were discovered earlier this month by security
researchers from ReversingLabs.
The PyPI team removed the packages on July 9, the same day
ReversingLabs notified the PyPI repo maintainers about their findings.”
In addition, “None of the three packages ever listed a description, so
it’s impossible to tell what was their purpose. However, PyPI stats
showed that the packages were being regularly downloaded, with tens of
monthly installations for each.”

Offensive Security,
the creators of open-source Kali Linux,
has launched the Kali NetHunter App Store, “a new one stop shop
for security relevant Android applications. Designed as an alternative
to the Google Play store for Android devices, the NetHunter store is an
installable catalogue of Android apps for pentesting and forensics”.
The press release also notes that the NetHunter store is a slightly
modified version of F-Droid: “While F-Droid installs its clients with
telemetry disabled and asks for consent before submitting crash
reports, the NetHunter store goes a step further by removing the entire
code to ensure that privacy cannot be accidentally compromised”. See
the Kali.org
blog post
for more details.

IBM to reunite original Apollo 11 mission technicians today for a
live panel discussion celebrating the 50th anniversary of the Apollo 11
moon landing. The panel will be available via livestream starting at
2:30pm EDT. From the press release: “Moderated by Dr. John E. Kelly,
IBM Executive Vice President, from the Johnson Space Center in Houston,
Texas, the panel will reunite veterans of the Apollo 11 mission to
share behind-the-scenes details of what it was like to be right in the
middle of the action in the lead-up to and during this historic moment
in time. The panelists will also look ahead to how the future of
artificial intelligence, quantum computing, and other technologies
could help us reach new frontiers.” The livestream will be available here.

Azul Systems announces it has created OpenJSSE, an open-source
implementation of TLS 1.3 for Java SE 8, which is now included in the
latest releases of its Zulu Community and Zulu Enterprise products. You
can find source code, example use cases and documentation on GitHub.

Krita 4.2.3
was released this morning
. This release is mainly a bug fix
release, but it does include one new feature: “it is now possible to
rotate the canvas with a two-finger touch gesture. This feature was
implemented by Sharaf Zaman for his 2019 Google Summer of Code work of
porting Krita to Android. The feature also works on other platforms, of
course.”

Powered by WPeMatico

The featured image was randomly selected. It is an unlikely coincidence if it is related to the post.