New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
-
Nightwing employee? This outfit?
Threat Convergence: Staying Ahead of Coordinated Attacks | Nightwing posted on the topic | LinkedIn
#ICYMI 🚨 Threat actors aren't slowing down—and neither should your defenses. The #TeamNightwing intelligence experts have identified a concerning trend: threat convergence. Attackers are no longer using isolated tactics. Instead, they are combining multiple sophisticated techniques in coordinated campaigns. Full breakdown of what you need to know ⤵️ https://lnkd.in/einXizGm
LinkedIn (www.linkedin.com)
One more Nightwing LinkedIn post, from three days ago.
#definingtheedge | Nightwing
Cyber threats in the space domain aren’t theoretical, they’re persistent, asymmetric, and accelerating. From ground infrastructure to on-orbit systems, Nightwing helps uncover critical vulnerabilities before adversaries can exploit them, strengthening the resilience of the architectures our national security depends on. That’s why we’re proud to have sponsored Tectonic and Payload's Inside the Dome this week. Bringing together leaders across government and industry it’s clear that cyber resiliency isn’t optional – it’s foundational to every space mission. United States Space Force // United States Department of War #DefiningTheEdge
LinkedIn (www.linkedin.com)
-
@briankrebs Are you seriously telling me that somebody stored AWS govcloud secrets in a github repo ? In a file called "Important AWS Tokens" ? Do they not know who github is ? Is it intentional ?
Has that person been fired into the sun yet, along with whoever hired them ?
@jab01701mid @briankrebs isn't the real wtf storing secrets in a git repo, let alone pushing it to github?
-
@jab01701mid @briankrebs isn't the real wtf storing secrets in a git repo, let alone pushing it to github?
@GerardThornley @briankrebs I guess you have to store secrets somewhere, in your source or CI/CD pipeline playbook. I hope people are not checking in private keys, or the CEO's email password.
But govcloud IIRC is basically AWS but "secure for fedramp". Then using "github" for your source control is like the Manhattan Project keeping their notebooks in the local college library, but in a locked room.
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs csv password docs... wow, just wow.
-
@briankrebs That sounds pretty bad, sure- but remember, whomever is left over there has the most important thing, which is loyalty.
@chux0r @briankrebs This is correct. The regime shitcanned everyone associated Biden’s CISA, including the contractors and brought their own people in. Watched it happen
-
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
@briankrebs Seems this dude doesn't know how git works and the organisation did not enforced Separation of work and private stuff (on different devices!).
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs Worskpace
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs can't make this shit up
anyway I am off for some gardening, enough of those pesky computers -
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs There's no way this is not intentional.
-
one of the most egregious government data leaks in recent history
The word "recent" is doing a lot of heavy lifting here. Like, this is a colossal fuckup, but we've had a lot of other colossal fuckups recently, so... y'know, context.
@Legit_Spaghetti @briankrebs "recent history" as in "this week".
And it's only Tuesday, so...
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
@briankrebs make something idiot proof and nature will create a better idiot
Scnr
-
New, by me: CISA Admin Leaked AWS GovCloud Keys on GitHub
Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how CISA builds, tests and deploys software internally, and that it represents one of the most egregious government data leaks in recent history.
So, does any of keys unlock the repo where the unredacted Epstein files are stored?
-
It's possible this set of instructions by the CISA contractor might have caused all the trouble:
@briankrebs are these LLM instructions or a note to self kind of deal?
