Cybersecurity

10003 readers

120 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social

GitHub Compromised (xcancel.com)

submitted 1 day ago* (last edited 1 day ago) by Novocirab@feddit.org to c/cybersecurity@sh.itjust.works

2 comments fedilink hide all child comments

Comments

Crossposted from this Lemmy post

Full quote of @github's thread on X:

We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.

Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.

Our current assessment is that the activity involved exfiltration of GitHub-internal repositories only. The attacker’s current claims of ~3,800 repositories are directionally consistent with our investigation so far.

We moved quickly to reduce risk. Critical secrets were rotated yesterday and overnight with the highest-impact credentials prioritized first.

We continue to analyze logs, validate secret rotation, and monitor for any follow-on activity. We will take additional action as the investigation warrants.

We will publish a fuller report once the investigation is complete.

you are viewing a single comment's thread
view the rest of the comments

[–] Treczoks@lemmy.world 6 points 1 day ago (1 children)

Perfect showcase of Microsoft security.

[–] Eggymatrix@sh.itjust.works 7 points 23 hours ago

I mean, any organization can have a random guy install some crap on their pc. Humans are often the weakest link, I am not a microsoft fanboy and usually despise them, but in this case it looks like they are clearly communicating and performing the right steps.

Hate them when they deserve it, because they usually do. Here nothing points to something nefarious besides the attack itself.