GitHub projects targeted with malicious commits to frame researcher

November 16, 2024 at 10:34AM

GitHub projects, including Exo Labs, have faced malicious commits and pull requests aimed at injecting backdoors. This has raised concerns about the attackers’ motives and the security of such repositories.

**Meeting Takeaways:**

1. **Security Threat Identification**: There is an ongoing concern regarding malicious commits and pull requests targeting GitHub projects. …

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access

October 16, 2024 at 01:42AM

GitHub has released security updates for Enterprise Server (GHES) addressing a critical vulnerability (CVE-2024-9487) that could enable unauthorized access via SAML SSO. The flaw has a CVSS score of 9.5. Additional vulnerabilities were also patched. Users are urged to update to the latest versions for enhanced security.

### Meeting Takeaways …

GitHub Patches Critical Vulnerability in Enterprise Server

October 15, 2024 at 01:31PM

A critical vulnerability in GitHub Enterprise Server could allow unauthorized access to affected instances. GitHub has released a patch to address this severe flaw, ensuring better security for users.

**Meeting Takeaways:**

1. **Critical Vulnerability Identified**: A severe flaw has been discovered in GitHub Enterprise Server that poses a significant risk, …

Hackers Hide Remcos RAT in GitHub Repository Comments

October 9, 2024 at 05:06PM

GitHub and GitLab are increasingly targeted for malicious activities, including a malware campaign using legitimate GitHub repositories and an exploit allowing unauthorized access to users in GitLab. Attackers leverage the platforms’ trusted reputations to deploy malware, highlighting significant security risks for organizations using these collaborative tools.

### Meeting Takeaways:

1. …

Clever ‘GitHub Scanner’ campaign abusing repos to push malware

September 19, 2024 at 07:10AM

A malicious threat campaign is using GitHub repositories to distribute malware. The campaign targets users who are part of an open source project or subscribe to email notifications from it. Malicious GitHub users create false “security vulnerability” issues to spread malware. From the meeting notes, it appears that a threat …

Microsoft: Enable MFA or lose access to admin portals in October

August 16, 2024 at 03:11PM

Microsoft urged Entra global admins to enable multi-factor authentication (MFA) for their tenants by October 15 to enhance security and protect against phishing and hijacking attempts. Admins can delay MFA enforcement until April 15, 2025, but it’s advised to set up MFA now to secure cloud resources. MFA will gradually …

‘Stargazer Goblin’ Creates 3,000 Fake GitHub Accounts for Malware Spread

July 29, 2024 at 03:42AM

Stargazer Goblin operates a network of inauthentic GitHub accounts, distributing malware and earning $100,000 in illicit profits. The “Ghost” accounts engage in various activities to appear legitimate, making them resistant to takedowns. The scheme propagates malware families such as Atlantida Stealer and involves social engineering attacks, targeting GitHub repositories and …

FYI: Data from deleted GitHub repos may not actually be deleted

July 25, 2024 at 03:59PM

Truffle Security researchers discovered a vulnerability termed CFOR, allowing data access from deleted GitHub repository forks. Accessing a deleted commit through the original repo’s fork poses security risks. GitHub views this as an intended feature, not a flaw. The platform contains lingering “dangling commits” even after deletion. Truffle Security advises …

Over 3,000 GitHub accounts used by malware distribution service

July 24, 2024 at 06:01PM

Stargazer Goblin operates a malware Distribution-as-a-Service on GitHub through a network named Stargazers Ghost Network. The group utilizes fake accounts and compromised sites to distribute password-protected archives containing malware, leading to successful phishing attacks. The operation has generated over $100,000 and continues despite the takedown of some repositories. Users visiting …

In Other News: Apple’s Spyware Warning, CDK Global Ransom Payment, Sibanye Cyberattack

July 12, 2024 at 11:27AM

SecurityWeek’s cybersecurity news roundup provides a curated collection of noteworthy developments in the cybersecurity landscape. This week’s stories include Apple issuing spyware warnings, a data breach affecting 200,000 individuals in Dallas County, and a cyberattack on Sibanye-Stillwater. Additionally, Nasuni announces a significant growth investment and Google enables passkey support for …