June 9, 2021 bestdevops AWS Leave a comment

TeamTNT attacks IAM credentials of AWS and Google Cloud

Source:-https://www.scmagazine.com/ Researchers reported Friday that TeamTNT is using compromised AWS credentials to attack AWS cloud environments via the cloud platform’s application programming interface. The threat actors are now also targeting the credentials of 16 additional applications, including the AWS apps as well as Google Cloud credentials. The researchers said the threat actors can now identify all identity and access management (IAM) permissions, elastic computer cloud instances, S3 buckets, CloudTrail configurations, and CloudFormation operations granted to the compromised AWS credentials. This

June 7, 2021 bestdevops GitHub Leave a comment

GitHub’s new policies allow removal of PoC exploits used in attacks

Source:-https://www.bleepingcomputer.com/ GitHub announced on Friday their updated community guidelines that explain how the company will deal with exploits and malware samples hosted on their service. To give some background behind the new policy changes, security researcher Nguyen Jang uploaded a proof-of-concept exploit (PoC) to GitHub in March for the Microsoft Exchange Proxy Logon vulnerability. Soon after uploading the exploit, Jang received an email from Microsoft-owned GitHub stating that PoC exploit was removed as it violated the Acceptable Use Policies. In

December 5, 2020 bestdevops GitHub Leave a comment

Security issues can go undetected for years before being disclosed: GitHub report

Source:-https://www.thehindubusinessline.com Most vulnerabilities are from mistakes, not malicious attacks Security vulnerabilities can often go undetected for over four years before they are disclosed, according to the latest 2020 Security report by GitHub. As per the report, vulnerabilities can often not be detected for more than for years. Once they are disclosed, developers may take over four weeks to fix these vulnerabilities. Once they are identified, the package maintainer and security community typically create and release a fix in just over

November 7, 2020 bestdevops GitHub Leave a comment

GitHub Actions platform vulnerable to code injection attacks – research

Source:-https://portswigger.net A design flaw in Actions, GitHub’s workflow management platform, can give hackers write access to repositories and reveal encrypted secrets, Google Project Zero researcher Felix Wilhelm has reported. An attacker can exploit set-env, one of the commands supported by GitHub Actions, to dump NodeJS commands to the shell output, which are then processed and run by Actions’ runner process. “As the runner process parses every line printed to STDOUT looking for workflow commands, every GitHub action that prints untrusted