Vulnerable Jupyter Servers Targeted for Sports Piracy
securityweek
Misconfigured data science environments have been targeted by threat actors for sports stream ripping, according to cloud security firm Aqua Security.
Honeypots operated by the company showed that cybercriminals are targeting misconfigured JupyterLab and Jupyter Notebook applications, which are web-based development environments for notebooks, code, and data.
Aqua Security believes that Jupyter solutions are typically used for data science by individuals who may lack awareness of common misconfigurations that can leave servers vulnerable to hackers.
Shodan shows roughly 15,000 internet-exposed Jupyter servers and approximately 1% of them — including ones belonging to individuals and companies — allow remote code execution.
In the attacks observed by Aqua Security’s researchers, threat actors gained access to unprotected Jupyter servers. They updated the compromised server and then downloaded a tool called FFmpeg, which allows users to record, edit and stream audio and video.
The threat actor abused FFmpeg and the compromised server to capture ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE