Oddbean new post about | logout
 Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Misconfigured data science environments have been targeted by threat actors for sports stream ripping, according to cloud security firm Aqua Security.

Honeypots operated by the company showed that cybercriminals are targeting misconfigured JupyterLab and Jupyter Notebook applications, which are web-based development environments for notebooks, code, and data.

Aqua Security believes that Jupyter solutions are typically used for data science by individuals who may lack awareness of common misconfigurations that can leave servers vulnerable to hackers. 

Shodan shows roughly 15,000 internet-exposed Jupyter servers and approximately 1% of them — including ones belonging to individuals and companies — allow remote code execution. 

See more
Security Week: https://www.securityweek.com/vulnerable-jupyter-servers-targeted-for-sports-piracy/

The Hackers News:
https://thehackernews.com/2024/11/hackers-hijack-unsecured-jupyter.html

Infosecurity magazine:
https://www.infosecurity-magazine.com/news/hijack-jupyter-servers-sport/

#cybersecurity #jupyternotebook