We can’t see your secrets, but we can tell you if they’ve leaked on GitHub. Here’s how we do it.

Today, we’re unveiling HasMySecretLeaked, a free toolset to help security and DevOps engineers verify if their organization’s secrets have leaked on GitHub.com.

I was looking at my watch last week and my attention was moved towards the seconds over at the right of the watch face, incrementing nicely along as you’d expect. Now, I don’t know if I’d just spent too long staring at a debugger screen or if it was something in the air, but an idea dawned on me, related to all things command and control, data exfiltration, etc.

Converging networking with security is fundamental to creating a robust and resilient IT infrastructure that can withstand the evolving cyber threat landscape. It not only protects sensitive data and resources but also contributes to the overall success and trustworthiness of an organization. And just as technologies are converging, networking and security teams are increasingly working together.

Trustwave has introduced a new solution allowing organizations using Microsoft Sentinel to obtain the highest return on investment possible while keeping their security level at peak performance and improving response times. Trustwave Managed SIEM for Microsoft Sentinel is a managed solution intended to maximize an organization’s Microsoft E5 investment, specifically firms without a robust cybersecurity team.

It is common knowledge that when it comes to cybersecurity, there is no one-size-fits all definition of risk, nor is there a place for static plans. New technologies are created, new vulnerabilities discovered, and more attackers appear on the horizon. Most recently the appearance of advanced language models such as ChatGPT have taken this concept and turned the dial up to eleven.

In today’s interconnected world, secrets are the keys to unlocking sensitive data and systems. Like hidden gems for attackers, any inadvertent exposure of these secrets could lead to data breaches, unauthorized access, and security compromises. As organizations adopt DevOps practices, artifacts containing secrets are often stored and shared across various stages of the software supply chain, amplifying the risk of exposure.

Cisco has issued a warning regarding a critical security vulnerability (CVE-2023-20198) affecting its IOS XE software. With a severity rating of 10.0 on the CVSS scoring system, the vulnerability grants remote attackers full administrator privileges on affected devices without authentication.

New data from Outpost24 reveals that IT administrators could be just as predictable as end-users when it comes to passwords. An analysis of just over 1.8 million passwords ranks ‘admin’ as the most popular password with over 40,000 entries, with additional findings pointing to a continued acceptance of default passwords.

Software is an essential part of our online experience. Whether it’s our operating systems, web browsers, or the apps we use daily, software plays a crucial role in our lives. However, with great convenience comes a big responsibility, and one of the most essential aspects of online safety is keeping your software updated regularly. In this blog, we’ll explore the significance of keeping your software up-to-date.