Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials

Researcher Finds Public GitHub Repo Exposing Sensitive CISA Credentials

The episode recounts how GitGuardian security researcher Guillaume Valadon, while monitoring public GitHub for leaked secrets, discovered a publicly accessible repository labeled "CISA-Private" containing highly sensitive CISA materials, including internal DHS/CISA credentials, cloud keys, tokens, plaintext passwords, logs, and files such as "Important AWS Tokens" and a CSV listing usernames and passwords for internal systems. Believing a contractor likely used GitHub to move work from a work device to a home device, Valadon escalated via responsible disclosure to CERT, then involved journalist Brian Krebs to reach CISA faster when the repo remained public.

After additional outreach, the repository was made inaccessible within about a day, and Valadon praises CISA's response speed. The discussion emphasizes widespread poor secret hygiene, governance, training, and the need for organizations to monitor, rehearse, and automate detection and revocation of leaked secrets.

Cybersecurity Today would like to thank Material Security for sponsoring this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. You can contact them at material[dot]security.

00:00 Weekend Welcome Sponsor
00:27 CISA Secrets Leak Found
03:29 Calling Brian Krebs
05:06 Meet GitGuardian Researcher
07:26 Why Leaks Happen Everywhere
10:49 Inside the CISA Repo
13:19 Disclosure and Takedown
17:04 Lessons for Organizations
22:47 Aftermath and Thanks
24:36 Show Wrap Sponsor Outro

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(100)

ShareFile explained, healthcare in critical cyber condition and click fix tops malware charts

ShareFile explained, healthcare in critical cyber condition and click fix tops malware charts

ShareFile emergency explained, a year of Salesforce breaches examined, healthcare cybersecurity in critical condition and click fix goes number one for malware.  David Shipley covers Progress Software...

15 Jul 13min

ShareFile shutdown, double-agent ransomware negotiator sentenced, Helix uses vishing

ShareFile shutdown, double-agent ransomware negotiator sentenced, Helix uses vishing

ShareFile shutdown order, a double-agent ransomware negotiator sentenced, and vishing crews raid SharePoint   Progress Software ordered customers running ShareFile Storage Zone Controllers to shut dow...

13 Jul 10min

AI Export Controls, FortiBleed, Third-Party Breaches & CISO Burnout | Cybersecurity Today Panel

AI Export Controls, FortiBleed, Third-Party Breaches & CISO Burnout | Cybersecurity Today Panel

Can governments decide who gets access to advanced AI models? Are third-party breaches becoming impossible to control? And why are so many CISOs reaching burnout? In this special Cybersecurity Today M...

11 Jul 1h 1min

A questionable breach, bad routers at home and at work and AI gives defenders a win

A questionable breach, bad routers at home and at work and AI gives defenders a win

This episode covers a hacker's claim of stealing 35GB from Accenture—including source code, Azure personal access tokens, RSA keys, and SSH keys—while Accenture calls it an isolated, remediated matter...

10 Jul 12min

Scattered Spider squashed, Rogue Agent AI flaw, 16 year-old Linux bug and new phish hunts marketers

Scattered Spider squashed, Rogue Agent AI flaw, 16 year-old Linux bug and new phish hunts marketers

Cybersecurity Today host David Shipley covers how a newly unsealed U.S. complaint tied an alleged Scattered Spider member to a luxury retailer intrusion using a persistent Windows device ID, with pros...

8 Jul 13min

AI-Run Ransomware, New Oracle Critical Flaw, NetNut busted

AI-Run Ransomware, New Oracle Critical Flaw, NetNut busted

AI-Run Ransomware, New Oracle 9.8 Flaw Exploited, NetNut Proxy Network Busted, and Pegasus Hits EU Spyware Investigator   This episode covers researchers' report of "Jade Puffer," the first ransomware...

6 Jul 14min

Teams battles bots, Bioshocking AI browser guardrails, Fortibleed fuels ransomware

Teams battles bots, Bioshocking AI browser guardrails, Fortibleed fuels ransomware

Teams cracks down on meeting bots, AI guardrails get bypassed, FortiBleed fuels ransomware, and Nissan confirms PeopleSoft breach   Microsoft rolls out a new Teams admin policy, "Manage External Bots ...

3 Jul 10min

US puts $10m bounty on Russian hackers, new phish hunts hotels, Supreme Court reins in geofencing

US puts $10m bounty on Russian hackers, new phish hunts hotels, Supreme Court reins in geofencing

US Puts $10M Bounty on Russian Hackers, Supreme Court Limits Geofence Warrants, New phishing campaign targets hotels, AI Coding Agents Tricked into Malware and Canada's Electronic Spies Go After Ranso...

1 Jul 11min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden-usa
aftenpodden
fotballpodden-2
forklart
popradet
stopp-verden
det-store-bildet
rss-gukild-johaug
hanna-de-heldige
rss-ness
nokon-ma-ga
dine-penger-pengeradet
aftenbla-bla
rss-utenrikskomiteen-med-bogen-og-grasvik
lydartikler-fra-aftenposten
e24-podden
rss-penger-polser-og-politikk
rss-hor-na-krim-2
rss-espen-lee-usensurert