GitHub users targeted by Sawfish phishing campaign

2020-04-17 09:27

GitHub users beware: online criminals have launched a phishing campaign to try and gain access to your accounts.

They could create a GitHub personal access token, which allows the user to access their GitHub account using the Security Assertion Markup Language.

The phishing site relays the TOTP code to the attacker, who then performs a man-in-the-middle attack and enters the TOTP code into GitHub.

Why is this phishing campaign so important? Any phishing attack is a problem, but getting access to a GitHub user's private repository could yield not only source code but keys to access online applications and SSH keys, along with login credentials for other online services.

Review the SSH keys used to access your GitHub account, verify your email addresses, and review your account's security log to check for any phishy behaviour.

News URL

https://nakedsecurity.sophos.com/2020/04/17/github-users-targetted-by-sawfish-phishing-campaign/

#github #phishing

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Github		10	2	30	29	14	75