Security News
GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment variables. "On December 26, 2023, GitHub received a report through our Bug Bounty Program demonstrating a vulnerability which, if exploited, allowed access to credentials within a production container. We fixed this vulnerability on GitHub.com the same day and began rotating all potentially exposed credential," said Github VP and Deputy Chief Security Officer Jacob DePriest.
CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential theft and using the stolen information to deliver additional malicious payloads. "Androxgh0st is a Python-scripted malware primarily used to target.env files that contain confidential information, such as credentials for various high profile applications," the two agencies cautioned.
Threat actors are using communication about personal pension accounts plans in the U.S.), salary adjustments, and performance reports to steal company employees' credentials. Cofense says that throughout last year it has seen a sharp rise in QR codes embedded in those phishing emails, taking recipients to a fake login page designed to steal credentials.
Cybercriminals are preying on the inherent helpfulness of hotel staff during the sector's busy holiday season. When the staff then responds by requesting more information, the attacker sends a message directing the staff to open a link that supposedly contains evidence supporting their claim.
In a presentation at the Black Hat Europe security conference, researchers from the International Institute of Information Technology at Hyderabad said that their tests showed that most password managers for Android are vulnerable to AutoSpill, even if there is no JavaScript injection. Password managers on Android use the platform's WebView framework to automatically type in a user's account credentials when an app loads the login page to services like Apple, Facebook, Microsoft, or Google.
The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection...
Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set of stolen credentials can put your organization’s entire network at...
Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for the Python programming language. Nearly 3,000 projects contained at least one unique secret.
Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI. The vulnerability was reported by security researchers with Palo Alto's Prisma Cloud. "Customers using the affected CLI commands must update their Azure CLI version to 2.53.1 or above to be protected against the risks of this vulnerability. This also applies to customers with log files created by using these commands through Azure DevOps and/or GitHub Actions."
Cloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday. "On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident. The activity identified used a compromised credential to access a Sumo Logic AWS account," the company said in its security notice.