Python Popular With Hackers
Written by Janet Swift
Wednesday, 03 October 2018
The latest news of Python's popularity comes from Imperva, a cyber security software and services company that provides protection to enterprise data and application software. Imperva reports that around 77 percent of all the sites it protects have been attacked by at least one Python-based tool.
Now the Imperva threat research team has investigated how popular Python is among "bad actors". Looking first at GitHub, Johnathan Azaria, Ori Nakar and Edi Kogan estimated that:
more than 20% of GitHub repositories that implement an attack tool / exploit PoC are written in Python.
Turning to its own data, specifically security incidents but excluding vulnerability scanners, the Imperva team found that the largest group of clients identified (25%) were based on Python, making it the most common vector for launching exploit attempts.
Examining the use of Python in daily attacks against the sites it protects over a period of 80 days, Imperva found that up to 77% of them were attacked by a Python-based tool.
The researchers noted that the two most popular Python modules used for web attacks are Python Requests (89%) and Urllib (11%). They comment:
Use of the new module, Async IO, is just kicking off, which makes perfect sense when you consider the vast possibilities the library offers in the field of layer 7 DDoS; especially when using a “Spray N’ Pray” technique.
Noting that the number of CVEs (Common Vulnerabilities and Exposures) has increased steeply since 2013, the researchers comment:
The advantages of Python as a coding language make it a popular tool for implementing known exploits.
Looking for the most popular targets for exploits, they found that attacks aimed at Struts, Joomla, WordPress and Drupal were the most common.
In terms of how to respond, the advice from Imperva is:
Unless you can differentiate between requests from Python-based tools and any other tool ... make sure to keep security in mind when developing, keep your system up to date with patches, and refrain from any practice that is considered insecure.
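One way to measure the share of Python-based clients in your own access logs, keyed on the default User-Agent strings of Requests and Urllib (an added example, not Imperva's method or code; the log lines are constructed and the aiohttp pattern is an assumption standing in for asyncio-based clients). A tool can send any User-Agent, so this counts only clients that leave the default in place.

```python
import re
from collections import Counter

# Default User-Agent prefixes of the Python HTTP clients named in the article.
# aiohttp is an assumption added here to cover asyncio-based clients.
PYTHON_CLIENTS = {
    "requests": re.compile(r"^python-requests/", re.I),
    "urllib": re.compile(r"^Python-urllib/", re.I),
    "aiohttp": re.compile(r"^Python/\S+ aiohttp/", re.I),
}

# Combined Log Format: ip - user [time] "request" status bytes "referer" "agent"
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)

def classify(user_agent):
    """Return the Python client family for a User-Agent, or None."""
    for name, pattern in PYTHON_CLIENTS.items():
        if pattern.match(user_agent):
            return name
    return None

def summarize(lines):
    """Count requests per Python client and the source IPs that sent them."""
    counts, sources, total = Counter(), {}, 0
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip lines that are not in Combined Log Format
        total += 1
        client = classify(m.group("ua"))
        if client:
            counts[client] += 1
            sources.setdefault(m.group("ip"), set()).add(client)
    share = sum(counts.values()) / total if total else 0.0
    return {"total": total, "by_client": dict(counts),
            "sources": sources, "python_share": share}

# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [03/Oct/2018:10:00:00 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/62.0"',
    '198.51.100.7 - - [03/Oct/2018:10:00:01 +0000] "GET /login HTTP/1.1" 404 0 "-" "python-requests/2.19.1"',
    '198.51.100.7 - - [03/Oct/2018:10:00:02 +0000] "POST /login HTTP/1.1" 403 0 "-" "Python-urllib/3.6"',
    '203.0.113.5 - - [03/Oct/2018:10:00:03 +0000] "GET /status HTTP/1.1" 200 20 "-" "Python/3.7 aiohttp/3.4.4"',
    'truncated line without the expected fields',
    '192.0.2.11 - - [03/Oct/2018:10:00:04 +0000] "GET /about HTTP/1.1" 200 100 "-" "curl/7.61.0"',
]
```

Calling `summarize(SAMPLE_LOG)` gives the per-client counts, the source addresses seen with each client, and the overall share, which can be tracked per site over time in the way the article describes.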
Last Updated ( Wednesday, 03 October 2018 )