As Aqua reported, Team Nautilus found that Jupyter Notebook, an open source web application that is used daily by a large number of professionals to work with data, write code and view results, was recently attacked by Python-based ransomware.
Photo Credit: Aqua To carry out the attack successfully, the attackers had an initial access to a badly configured environment, and then subsequently execute a script that encrypted the files present on a certain path on the server and, finally, unsubscribe to hide the attack. These are potentially attacks that can lead to various problems for the organizations affected, as Jupyter Notebook is used to analyze and build data models and, without an efficient backup policy, there would be substantial losses of information and hours of work.
As usual, to avoid falling victim to such attacks, it is a good habit not only to equip your systems with the best antivirus to protect against ransomware, but also to make sure to use tokens or another authentication method to check the accessing the application, limiting incoming traffic to the software or using network or VPN rules, as well as using SSL to protect data in transit.
Photo Credit: Aqua To carry out the attack successfully, the attackers had an initial access to a badly configured environment, and then subsequently execute a script that encrypted the files present on a certain path on the server and, finally, unsubscribe to hide the attack. These are potentially attacks that can lead to various problems for the organizations affected, as Jupyter Notebook is used to analyze and build data models and, without an efficient backup policy, there would be substantial losses of information and hours of work.
As usual, to avoid falling victim to such attacks, it is a good habit not only to equip your systems with the best antivirus to protect against ransomware, but also to make sure to use tokens or another authentication method to check the accessing the application, limiting incoming traffic to the software or using network or VPN rules, as well as using SSL to protect data in transit.