• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
github says recent attack involving stolen oauth tokens was "highly

GitHub Says Recent Attack Involving Stolen OAuth Tokens Was “Highly Targeted”

You are here: Home / General Cyber Security News / GitHub Says Recent Attack Involving Stolen OAuth Tokens Was “Highly Targeted”
May 3, 2022

Cloud-dependent code hosting platform GitHub described the current attack marketing campaign involving the abuse of OAuth entry tokens issued to Heroku and Travis-CI as “remarkably targeted” in character.

“This pattern of habits implies the attacker was only listing organizations in order to determine accounts to selectively focus on for listing and downloading non-public repositories,” GitHub’s Mike Hanley said in an up to date post.

The security incident, which it learned on April 12, relevant to an unidentified attacker leveraging stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download knowledge from dozens of corporations, such as NPM.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The Microsoft-owned enterprise explained previous 7 days that it is in the method of sending a final set of notifications to GitHub prospects who experienced possibly the Heroku or Travis CI OAuth app integrations approved in their accounts.

In accordance to a comprehensive step-by-action examination carried out by GitHub, the adversary is stated to have employed the stolen application tokens to authenticate to the GitHub API, making use of it to listing all the corporations of afflicted users.

This was then succeeded by selectively choosing targets dependent on the detailed companies, pursuing it up by listing the personal repositories of worthwhile users accounts, right before shifting to clone some of all those personal repositories in the long run.

CyberSecurity

The enterprise also reiterated that the tokens ended up not attained by using a compromise of GitHub or its programs, and that the tokens are not saved in their “first, usable formats,” which could be misused by an attacker.

“Clients need to also carry on to keep track of Heroku and Travis CI for updates on their own investigations into the influenced OAuth applications,” GitHub mentioned.

Identified this post intriguing? Abide by THN on Facebook, Twitter  and LinkedIn to read much more special material we put up.


Some components of this write-up are sourced from:
thehackernews.com

Previous Post: «Cyber Security News Spyware Found on Spanish PM’s Phone
Next Post: New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions new hacker group pursuing corporate employees focused on mergers and»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet
  • Researchers Uncover Chinese Nation State Hackers’ Deceptive Attack Strategies
  • Fifth of Execs Admit Security Flaws Cost Them New Biz
  • Online Safety Bill: Why is Ofcom being thrown under the bus?

Copyright © TheCyberSecurity.News, All Rights Reserved.