Security Experts Urge IT to Lock Down GitHub Services

Threat intelligence firm Recorded Future has warned that threat actors are increasingly using GitHub services to launch covert cyber-attacks, and urged IT teams to take action.
Its new report, Flying Under the Radar: Abusing GitHub for Malicious Infrastructure, revealed the most popular GitHub services for threat actors.
An analysis of threat intelligence samples between March and November 2023 showed GitHub Raw, GitHub Objects and GitHub Pages were most often used in attacks.
GitHub is used by almost 100 million developers and so represents a potentially large-scale threat if the platform can be successfully abused.
Recorded Future claimed that threat actors use it to blend in with benign network traffic, thus keeping malicious activity hidden.
It added that GitHub services usually remain unblocked in organizations but benefit from high uptime, minimal new account vetting and limited detection possibilities for service providers.
That makes it a popular, low-cost and highly effective platform for command-and-control infrastructure, silent delivery of malware payloads and exfiltration of data, the report claimed.
Organizations need to consider GitHub in their threat modelling, Recorded Future argued.


This Cyber News was published on www.infosecurity-magazine.com. Publication date: Mon, 15 Jan 2024 10:15:19 +0000


Cyber News related to Security Experts Urge IT to Lock Down GitHub Services

CVE-2021-47038 - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: avoid deadlock between hci_dev->lock and socket lock Commit eab2404ba798 ("Bluetooth: Add BT_PHY socket option") added a dependency between socket lock and hci_dev->lock ...
8 months ago Tenable.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
Choosing the Perfect Smart Lock for Your Home Security - Installing a smart lock on your home is like building a wall of protection around it. In this article, we will explore the benefits of using smart locks, different types of technology available, security features offered, factors to consider when ...
10 months ago Securityzap.com
Securing the code: navigating code and GitHub secrets scanning - Enter the world of GitHub secrets scanning tools, the vigilant sentinels of your digital gala. Secrets scanning in GitHub is anchored by two fundamental strategies: proactive prevention and reactive detection, each serving a critical function in ...
10 months ago Securityboulevard.com
Security Experts Urge IT to Lock Down GitHub Services - Threat intelligence firm Recorded Future has warned that threat actors are increasingly using GitHub services to launch covert cyber-attacks, and urged IT teams to take action. Its new report, Flying Under the Radar: Abusing GitHub for Malicious ...
9 months ago Infosecurity-magazine.com
CVE-2024-26629 - In the Linux kernel, the following vulnerability has been resolved: ...
4 months ago
Benefits and challenges of managed cloud security services - Too many organizations lack the in-house cloud security expertise and resources needed to protect cloud assets effectively. One option to address these challenges is managed cloud security. Outsourcing cloud security to a third party not only helps ...
8 months ago Techtarget.com
Microsoft Copilot for Security provides immediate impact for the Microsoft Defender Experts team - AI is quickly becoming a force multiplier-presenting significant opportunities for security teams to increase productivity, save time, upskill resources, and more. Microsoft Copilot for Security is already showing immediate impact for security teams ...
8 months ago Microsoft.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
8 months ago Esecurityplanet.com
GitHub, PyTorch and More Organizations Found Vulnerable to Self-Hosted Runner Attacks - Last July, we published an article exploring the dangers of vulnerable self-hosted runners and how they can lead to severe software supply chain attacks. GitHub itself was found vulnerable, as well as various notable organizations, such as PyTorch, ...
9 months ago Securityboulevard.com
CVE-2024-26775 - In the Linux kernel, the following vulnerability has been resolved: aoe: avoid potential deadlock at set_capacity Move set_capacity() outside of the section procected by (&d->lock). To avoid possible interrupt unsafe locking scenario: CPU0 CPU1 ---- ...
7 months ago Tenable.com
CVE-2024-36003 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago
GitHub code-signing certificates stolen - Another day, another access-token-based database breach. This time, the victim is Microsoft's GitHub business. On December 6, 2022, repositories from our atom, desktop, and other deprecated GitHub-owned organizations were cloned by a compromised ...
1 year ago Nakedsecurity.sophos.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
8 months ago Cybersecuritynews.com
Normalizing Security Culture: Stay Ready - While it may seem like self-promotion or extraneous work, it’s extremely valuable to take the extra time to summarize threats stopped, processes improved, projects completed and team members modeling strong security behavior. Most people don't ...
1 month ago Darkreading.com
CVE-2024-26732 - In the Linux kernel, the following vulnerability has been resolved: net: implement lockless setsockopt(SO_PEEK_OFF) syzbot reported a lockdep violation [1] involving af_unix support of SO_PEEK_OFF. Since SO_PEEK_OFF is inherently not thread safe (it ...
7 months ago Tenable.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
10 months ago Feeds.dzone.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
1 month ago Helpnetsecurity.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
11 months ago Microsoft.com
Gaining Insights on the Top Security Conferences - A Guide for CSOs - Are you a CSO looking for the best security events around the world? Well, you have come to the right place! This article is a guide to the top security conferences that offer essential security insights to help make informed decisions. Security ...
1 year ago Csoonline.com
WhatsApp Beta Testing Expanded Authentication Methods for App Lock Feature - In a world where privacy and security are increasingly important, WhatsApp continues to prioritize the protection of user data through encrypted messaging. Recently, the app has been testing a new label to highlight chat encryption, further ...
7 months ago Cysecurity.news
CVE-2021-32638 - Github's CodeQL action is provided to run CodeQL-based code scanning on non-GitHub CI/CD systems and requires a GitHub access token to connect to a GitHub repository. The runner and its documentation previously suggested passing the GitHub token ...
2 years ago
CVE-2023-52632 - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp #2289 ...
7 months ago Tenable.com
CVE-2024-47744 - In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock Use a dedicated mutex to guard kvm_usage_count to fix a potential deadlock on x86 due to a chain of locks and ...
2 weeks ago Tenable.com
Marketing Strategies for PaaS Services: Get Ahead of the Curve - With the ever-growing demand for cloud-based performance and services, Platform-as-a-Service (PaaS) is becoming increasingly critical for modern software development. PaaS is a cloud-based platform, providing businesses with an integrated suite of ...
1 year ago Hackread.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)