CISA Details Incident Response to Exposed AWS GovCloud Keys
CISA reveals how it responded after sensitive AWS GovCloud credentials and internal data were exposed in a public GitHub repository
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
CISA reveals how it responded after sensitive AWS GovCloud credentials and internal data were exposed in a public GitHub repository
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
The AI-assisted attack, which started with exposed credentials from public S3 buckets, rapidly achieved administrative privilges.
You can find out if your GitHub codebase is leaking keys ... but so can miscreants A free automated tool that lets anyone scan public GitHub repositories for exposed AWS credentials has been released.…
Threat Actor 'Codefinger' Targets Cloud EnvironmentsA ransomware group is targeting Amazon S3 buckets, exploiting the data stored there using AWS’s server-side encryption with customer keys and demanding a ransom in exchange for the encryption key needed to unlock the data. The group uses compromised or publicly exposed AWS account credentials.
Researchers just scratching surface of their understanding of campaign dating back to 2020 Security researchers have uncovered a multi-year cryptojacking campaign they claim autonomously clones GitHub repositories and steals their exposed AWS credentials.…
A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service (AWS) identity and access management (IAM) credentials within public GitHub repositories to facilitate cryptojacking activities
Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by anyone. [...]
Multiple malicious Python packages available on the PyPI repository were caught stealing sensitive information like AWS credentials and transmitting it to publicly exposed endpoints accessible by anyone. [...]
Researchers have discovered a number of malicious Python packages in the official third-party software repository that are engineered to exfiltrate AWS credentials and environment variables to a publicly exposed endpoint