Attackers Use Stolen OAuth Access Tokens to Breach Dozens of GitHub Repos

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

 

GitHub has shared a timeline of last month’s security breach that saw an attacker using stolen OAuth app tokens to steal private repositories from dozens of organizations. 

The OAuth tokens were issued to two third-party integrators, Heroku and Travis-CI, but were stolen by an unknown hacker. According to GitHub’s Chief Security Officer Mike Hanley, the company is yet to unearth evidence that its systems have been breached since the incident was first identified on April 12th, 2022.

OAuth tokens are one of the go-to elements that IT vendors use to automate cloud services like code repositories and DevOps pipelines. While these tokens are useful for enabling key IT services, they are also susceptible to theft. 

“If a token is compromised, in this case, a GitHub token, a malicious actor can steal corporate IP or modify the source to initiate a supply chain attack that could spread malware or steal PII from unsuspecting customers,” Ray Kelly, a researcher at NIT Application Security, explained. 
[…]
Content was cut in order to protect the source. Please visit the source for the rest of the article.
