New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs I shouldn't be laughing.
Workspace is misspelled.
Important tokens, as opposed to the unimportant ones.
-
@briankrebs Are you seriously telling me that somebody stored AWS govcloud secrets in a github repo ? In a file called "Important AWS Tokens" ? Do they not know who github is ? Is it intentional ?
Has that person been fired into the sun yet, along with whoever hired them ?
@jab01701mid @briankrebs
Was the miscreant who stored high-security US government info on a github repo a Musk DOGE bro, by any chance?
Asking for the schadenfreude. -
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs I'm out of popcorn ... but there's a theater a few blocks away! Back in a sec to read this.
-
@briankrebs
Seems they don't have anything to hide 🫣@Hufnagel @briankrebs
...They don't have anything to hide anymore. -
@jab01701mid @briankrebs
Was the miscreant who stored high-security US government info on a github repo a Musk DOGE bro, by any chance?
Asking for the schadenfreude.@Guillotine_Jones @briankrebs Q: How can I exfilltrate secrets without being seen to be exfilltrating secrets ?
A: github -
@briankrebs I'm out of popcorn ... but there's a theater a few blocks away! Back in a sec to read this.
@briankrebs Ok ... my bad. I'm going back out for 1.5 Liters of tequila and some cyanide (for myself).
You gotta be KIDDING me!
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs The White House got mad at that other Krebs guy for "censorship" at CISA. https://www.whitehouse.gov/presidential-actions/2025/04/addressing-risks-from-chris-krebs-and-government-censorship/ I guess he was censoring the keys then?
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs
How Musk-esque of him. -
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
@briankrebs dying to know how that person was selected
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs oh jeez
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs vibe security
-
@briankrebs We blame an AI agent for this....
What a fuck-up!!!
@theyosh AI agents don't do this. stupidity does.
-
@briankrebs dying to know how that person was selected
@Viss @briankrebs they probably get a lot done very quickly
-
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
@briankrebs Yes and disabling the warnings and pushing creds in plain text to repos and having it public and having all of them in one repo and then it's for CISA... that is as FUBAR as it can get.
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
-
@briankrebs dying to know how that person was selected
@briankrebs because i actually reached out to cisa in the past, asking how to work for them. they told me the only way to do it was unpaid, and condesendingly told me i should do it 'because i love my country'. many others were getting paid. so, needless to say, theres a little club, and im not in it.
but this guy was.
so i reeeeeally wanna know -
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
Nightwing employee? This outfit?
Threat Convergence: Staying Ahead of Coordinated Attacks | Nightwing posted on the topic | LinkedIn
#ICYMI 🚨 Threat actors aren't slowing down—and neither should your defenses. The #TeamNightwing intelligence experts have identified a concerning trend: threat convergence. Attackers are no longer using isolated tactics. Instead, they are combining multiple sophisticated techniques in coordinated campaigns. Full breakdown of what you need to know ⤵️ https://lnkd.in/einXizGm
LinkedIn (www.linkedin.com)
-
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
@briankrebs Where are these from? Didn’t see in the article.
