Lessons from Lapsus - CISO on Building a comprehensive secrets management program
Following a breach by the Lapsus$ cyber gang, Jason Haddix, then CISO of UbiSoft, called over 40 other CISOs to discuss strategies on how to be more resilient to attacks. Those conversations led him to create a 4-step guide to building a comprehensive secrets management program.
Why ChatGPT is a security concern for your organization (even if you don't use it)
ChatGPT may not be used by all organizations and may even be banned. But that doesn't mean you don't have exposure to the security risks it contains. This post looks at why ChatGPT should be part of your threat landscape.
Best Practices for Managing and Storing Secrets Including API Keys and Other Credentials [cheat sheet included]
We have compiled a list of some of the best practices to prevent API key leakage and keep secrets and credentials safe. Secrets management doesn't have a one-size-fits-all approach, so this list considers multiple perspectives so you can make an informed decision about which strategies to implement.
Creating a Honeytoken - Complete Tutorial
Honeytokens or Canary Tokens are credentials designed to alert you when an attacker is in your infrastructure. This is a complete tutorial on how to create them using only open-source projects.
Exposing secrets on GitHub: What to do after leaking credentials and API keys
If you have discovered that you have just exposed a sensitive file or secrets to a public git repository, there are some very important steps to follow.
The State of Security in Australia: HackSydney and BSides give insight into security post-Medibank and Optus
Cybersecurity in Australia has moved well and truly into the focus of the mainstream media and the everyday public. This year we saw two catastrophic security breaches with Optus, an Australian telecom provider, and Medibank, one of the largest health insurance providers in Australia.
Millions of .git folders exposed publicly by mistake
New research by CyberNews has revealed that there are millions of private git repositories that are, in fact, not all that private.
Dropbox Suffers Data Breach From Phishing Attack, Exposing Customer and Employee Emails
Dropbox has confirmed they suffered a data breach involving a bad actor gaining access to credentials, data, and other secrets inside their internal GitHub code repositories.
Poisoning the source – How and why attackers are targeting developer accounts
This year at DEFCON and Black Hat—the world's largest security and hacking conferences—many talks focused on how attackers target developers' accounts. Here are the key points.
Uber Breach 2022 – Everything You Need to Know
On Thursday, September 15th, Uber confirmed reports of an organization-wide cybersecurity breach. This is an evolving situation, but we will bring you the latest information and commentary here as we get it.
Crappy code, crappy Copilot. GitHub Copilot is writing vulnerable code and it could be your fault
AI code assistants like Copilot held an exciting promise when released. But they might not be the answer to all your problems. A research study has now found that while Copilot frequently introduces vulnerabilities, its output may in fact be influenced by the input. Poor code, poor outcome.
Black Hat 25 – What you need to know
Missed out on Black Hat 2022 briefings or got stuck in the business hall? We have you covered.
Secure Software Development Life Cycle (SSDLC)
In this post, we are going to break down the SDLC and look at how we can add security at each stage with helpful resources.
How Hackers Used Stolen GitHub Tokens to Access Private Source Code
Attackers have used stolen OAuth tokens issued to Travis CI and Heroku to gain access to private git repositories on GitHub. Here we take a look at exactly what happened, why it's significant, and how to mitigate the issue.
Latest from Lapsus$, Reviewing the Microsoft Breach
Lapsus$ has continued its prolific pace of breaches, now leaking internal source code from 250 Microsoft projects. GitGuardian analyzed the code looking for secrets sprawl.
Samsung and Nvidia are the latest companies to involuntarily go open-source leaking company secrets
Nearly 200GB of source code from Samsung and the source code from Nvidia's latest DLSS technology have been published online by the Lapsus$ hacking group. Internal source code being leaked online by adversaries is happening with alarming regularity in recent years. Only a few
Mackenzie Jackson, GitGuardian: “code security needs to be a layered approach”
Security should be something that companies implement into the software development lifecycle as early as possible. It should be a consideration at every step of development, from design and through to deployment and every incremental change made thereafter.
Source Code as a Vulnerability - A Deep Dive into the Real Security Threats From the Twitch Leak
While most of the attention has been on streamers’ revenues, our 6000 Git repositories study shows a much more serious problem that extends far beyond just this single breach.
Supply Chain Attacks: 6 Steps to protect your software supply chain
This article looks at software supply chain attacks, exactly what they are and 6 steps you can follow to protect your software supply chain and limit the impact of a supply chain attack.
GitHub Universe 2021 Overview – What you missed from the GitHub conference
Missed the GitHub Universe 2021? Here are the key takeaways from the conference including key features and what we can expect in the future from GitHub.
Supply chain attacks and ransomware groups, the focus of Black Hat 2021 (conference recap)
Black Hat, one of the biggest security events of the year, has finished. This article looks at the key takeaways from Black Hat: the massive increase in supply chain and ransomware attacks, and what experts say can be the solution.
Setting up a pre-commit git hook with ggshield, the GitGuardian CLI
In this tutorial we are going to run through how to create a pre-commit git hook using GitGuardian Shield to detect secrets before they enter your repository.
Codecov supply chain breach - explained step by step
Codecov recently had a significant breach as attackers were able to put a backdoor into Codecov to get access to customers' sensitive data. This article reviews exactly what happened, how attackers gained access, how they used sensitive information and of course, what to do if you were affected.