Heroku Forces User Password Resets Following GitHub OAuth Token Theft

May 5, 2022

Salesforce-owned subsidiary Heroku on Thursday acknowledged that the theft of GitHub integration OAuth tokens also led to unauthorized access to an internal customer database.

The company, in an updated notification, revealed that a compromised token was abused to breach the database and “exfiltrate the hashed and salted passwords for customers’ user accounts.”

As a result, Salesforce said it is resetting all Heroku user passwords and ensuring that potentially affected credentials are refreshed. It also emphasized that internal Heroku credentials had been rotated and that additional detections have been put in place.

The attack campaign, which GitHub discovered on April 12, involved an unidentified actor leveraging stolen OAuth user tokens issued to two third-party OAuth integrators, Heroku and Travis-CI, to download data from dozens of organizations, including NPM.

The timeline of events as shared by the cloud platform is as follows –

  • April 7, 2022 – Threat actor obtains access to a Heroku database and downloads stored customer OAuth access tokens used for GitHub integration.
  • April 8, 2022 – Attacker enumerates metadata about customer repositories using the stolen tokens.
  • April 9, 2022 – Attacker downloads a subset of Heroku private repositories from GitHub.

GitHub, last week, characterized the attack as highly targeted, adding that the adversary was “only listing organizations in order to identify accounts to selectively target for listing and downloading private repositories.”

Heroku has since revoked all the access tokens and removed support for deploying apps from GitHub via the Heroku Dashboard to ensure that “the integration is secure before we re-enable this functionality.”

Some elements of this article are sourced from:
thehackernews.com
