Security News

Leaving Authentication Credentials in Public Code
2023-11-16 12:10

Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for the Python programming language. Nearly 3,000 projects contained at least one unique secret.

Microsoft fixes critical Azure CLI flaw that leaked credentials in logs
2023-11-14 18:43

Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI. The vulnerability was reported by security researchers with Palo Alto's Prisma Cloud. "Customers using the affected CLI commands must update their Azure CLI version to 2.53.1 or above to be protected against the risks of this vulnerability. This also applies to customers with log files created by using these commands through Azure DevOps and/or GitHub Actions."

Sumo Logic discloses potential breach via compromised AWS credential
2023-11-08 11:43

Cloud-native big data and security analytics firm Sumo Logic is investigating a potential security incident within their platform, the company revealed on Tuesday. "On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security incident. The activity identified used a compromised credential to access a Sumo Logic AWS account," the company said in its security notice.

Cryptojackers steal AWS credentials from GitHub in 5 minutes
2023-10-30 18:31

Security researchers have uncovered a multi-year cryptojacking campaign they claim autonomously clones GitHub repositories and steals their exposed AWS credentials. Given the name "EleKtra-Leak" by researchers at Palo Alto Networks's Unit 42, the criminals behind the campaign are credited with regularly stealing AWS credentials within five minutes of them being exposed in GitHub repositories.

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub
2023-10-30 10:56

A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate...

Okta says its support system was breached using stolen credentials
2023-10-20 18:41

Okta says attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentials. "The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases," said Okta's Chief Security Officer David Bradbury.

Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
2023-10-18 10:00

Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux rootkit, crypto miners, and password-stealing scripts. In a new campaign called 'Qubitstrike,' the threat actors download malicious payloads to hijack a Linux server for cryptomining and to steal credentials for cloud services, such as AWS and Google Cloud.

Fighting off cyberattacks? Make sure user credentials aren’t compromised
2023-10-17 14:02

We'll explore why password reuse is such a huge problem and discuss the best way to mitigate the risks associated with compromised passwords. The Password Reuse Problem and How to Mitigate It. The problem of reusing passwords is massive and one of the biggest ways cybercriminals can hack into multiple accounts associated with a single user.

Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials
2023-10-10 05:52

A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign. IBM X-Force, which uncovered the...

Hackers hijack Citrix NetScaler login pages to steal credentials
2023-10-09 14:45

Hackers are conducting a large-scale campaign to exploit the recent CVE-2023-3519 flaw in Citrix NetScaler Gateways to steal user credentials. The flaw is a critical unauthenticated remote code execution bug discovered as a zero-day in July that impacts Citrix NetScaler ADC and NetScaler Gateway.