%term

Doomed Keys and Hidden Threats: The Scariest Secrets in Your Repositories

Oct 31, 2024 By Gaetan Ferry In GitGuardian

At GitGuardian we see things that no one should ever see. We detect and collect leaked secrets that are so hideous we could lose our sanity. Let us introduce you to some of the most terrifying leaks we saw this year. If you dare.

Read Post

GitGuardian

Read more about Doomed Keys and Hidden Threats: The Scariest Secrets in Your Repositories

Voice of Practitioners

Oct 30, 2024 By GitGuardian In GitGuardian

Joint GitGuardian and CyberArk Report Reveals Growing Concern and Increased Investment in Secrets Security.

Read Post

GitGuardian

Read more about Voice of Practitioners

Voice of Practitioners 2024

Oct 30, 2024 By Thomas Segura In GitGuardian

Organizations spend 32.4% of security budgets on code security, yet only 44% of developers follow secrets management best practices. Get the full insights in our 2024 report.

Read Post

GitGuardian

Read more about Voice of Practitioners 2024

EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files

Oct 30, 2024 By Miguel Hernández In Sysdig

The Sysdig Threat Research Team (TRT) recently discovered a global operation, EMERALDWHALE, targeting exposed Git configurations resulting in more than 15,000 cloud service credentials stolen. This campaign used multiple private tools that abused multiple misconfigured web services, allowing attackers to steal credentials, clone private repositories, and extract cloud credentials from their source code. Credentials for over 10,000 private repositories were collected during the operation.

Read Post

Sysdig

Read more about EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files

SOSS Fusion 2024: Uniting Security Minds for the Future of Open Source

Oct 25, 2024 By Dwayne McDaniel In GitGuardian

Discover key takeaways from SOSS Fusion 2024, where security experts gathered to learn from one another about improving our world, AI, and the future of open-source security.

Read Post

GitGuardian

Read more about SOSS Fusion 2024: Uniting Security Minds for the Future of Open Source

The extent of Hardcoded Secrets: From Development to Production

Oct 24, 2024 By Guillaume Valadon In GitGuardian

Code repositories are the primary source of secrets, but GitGuardian data highlights the broader issue of secret sprawl. From code to production, understand how these vulnerabilities expose sensitive data and learn how to enhance your security posture with GitGuardian insights.

Read Post

GitGuardian

Read more about The extent of Hardcoded Secrets: From Development to Production

BSides Orlando 2024: Insights, Innovations, and Security Adventures

Oct 22, 2024 By Dwayne McDaniel In GitGuardian

At BSides Orlando 2024, security experts and students explored the future of cybersecurity, from AI failures to security assessments to efficient log management.

Read Post

GitGuardian

Read more about BSides Orlando 2024: Insights, Innovations, and Security Adventures

GitHub Comments from Legitimate Repositories Exploited to Deliver Remcos RAT

Oct 21, 2024 By Paolo Passeri In Netskope

One of the most interesting findings of our Netskope Threat Labs Report: Insurance 2024 was the discovery that GitHub is the most popular application in terms of malware downloads for this specific vertical, surpassing Microsoft OneDrive, which is usually the undisputed leader of this unwelcome chart.

Read Post

Netskope

Read more about GitHub Comments from Legitimate Repositories Exploited to Deliver Remcos RAT

OWASP Says Secrets Security Is The Most Important Issue For Mobile Applications

Oct 18, 2024 By Dwayne McDaniel In GitGuardian

The latest OWASP Top 10 For Mobile list ranks credential mismanagement as the largest concern our applications face. Let's work to solve this secrets problem together.

Read Post