New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs The White House got mad at that other Krebs guy for "censorship" at CISA. https://www.whitehouse.gov/presidential-actions/2025/04/addressing-risks-from-chris-krebs-and-government-censorship/ I guess he was censoring the keys then?
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs
How Musk-esque of him. -
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
@briankrebs dying to know how that person was selected
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs oh jeez
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs vibe security
-
@briankrebs We blame an AI agent for this....
What a fuck-up!!!
@theyosh AI agents don't do this. stupidity does.
-
@briankrebs dying to know how that person was selected
@Viss @briankrebs they probably get a lot done very quickly
-
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
@briankrebs Yes and disabling the warnings and pushing creds in plain text to repos and having it public and having all of them in one repo and then it's for CISA... that is as FUBAR as it can get.
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
-
@briankrebs dying to know how that person was selected
@briankrebs because i actually reached out to cisa in the past, asking how to work for them. they told me the only way to do it was unpaid, and condesendingly told me i should do it 'because i love my country'. many others were getting paid. so, needless to say, theres a little club, and im not in it.
but this guy was.
so i reeeeeally wanna know -
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
Nightwing employee? This outfit?
Threat Convergence: Staying Ahead of Coordinated Attacks | Nightwing posted on the topic | LinkedIn
#ICYMI 🚨 Threat actors aren't slowing down—and neither should your defenses. The #TeamNightwing intelligence experts have identified a concerning trend: threat convergence. Attackers are no longer using isolated tactics. Instead, they are combining multiple sophisticated techniques in coordinated campaigns. Full breakdown of what you need to know ⤵️ https://lnkd.in/einXizGm
LinkedIn (www.linkedin.com)
-
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
@briankrebs Where are these from? Didn’t see in the article.
-
@briankrebs Where are these from? Didn’t see in the article.
@richlv from dude's exposed GitHub repo.
-
R relay@relay.infosec.exchange shared this topic
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs Our tax dollars at work
-
@briankrebs Our tax dollars at work
@krypt3ia @briankrebs which is ironic, because ive talked to almost half a dozen shops who cisa was paying as their outsourced assessment teams, but when i asked to be one of those they told me to fuck off, then 'how dare you'd me because i asked to be paid for my work. i have all the receipts. made sure to keep those emails tagged.
-
@krypt3ia @briankrebs which is ironic, because ive talked to almost half a dozen shops who cisa was paying as their outsourced assessment teams, but when i asked to be one of those they told me to fuck off, then 'how dare you'd me because i asked to be paid for my work. i have all the receipts. made sure to keep those emails tagged.
@Viss @briankrebs No bid contract
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs “Currently, there is no indication that any sEnSiTIVe datA was compromised as a result of this incident,” the CISA spokesperson wrote. "I mean, of course, sensitive data was exposed, but not sEnSiTIVe datA."
-
@briankrebs “Currently, there is no indication that any sEnSiTIVe datA was compromised as a result of this incident,” the CISA spokesperson wrote. "I mean, of course, sensitive data was exposed, but not sEnSiTIVe datA."
@bbdd333 @briankrebs no logs no crime!
-
@briankrebs Are you seriously telling me that somebody stored AWS govcloud secrets in a github repo ? In a file called "Important AWS Tokens" ? Do they not know who github is ? Is it intentional ?
Has that person been fired into the sun yet, along with whoever hired them ?
At some point its intentional. When you have that type of access it should be assumed it is.
