Tag Archive for: GitHub

GitHub Attack Allowed Attackers to Steal Okta’s Source Code

/in


Okta has, however, confirmed that attackers couldn’t access its customer data or services.

Authentication giant Okta has suffered yet another security breach. Reportedly, someone stole Okta’s source code after attacking its repositories on GitHub.

Okta’s chief security officer, David Bradbury, issued a “confidential” email notification to their “security contacts,” revealing that the suspicious activity the company detected earlier in December 2022 has led to the leaking of its code repositories.

“Upon investigation, we have concluded that such access was used to copy Okta code repositories,” Okta’s notification read.

“We have decided to share this information consistent with our commitment to transparency and partnership with our customers,” Okta explained.

According to Bradbury, GitHub notified it about a possible suspicious activity and that someone accessed its code repositories. Okta launched an investigation and concluded that the access had indeed occurred. In response, the company temporarily restricted access to Okta GitHub repositories and suspected all GitHub integrations with 3rd party apps.

Okta has confirmed that the attackers couldn’t access its customer data or services, reports Bleeping Computer. Hence, users of its different services, including HIPAA, DoD, and FedRAMP, were unaffected by this incident and didn’t need to adopt threat-prevention practices.

It is worth noting that the users of these services are mainly US-based government, healthcare, and defence organizations.

Okta and Cyber Attacks

Okta is a cloud-based identity and access management platform that provides secure single sign-on, user provisioning, data security and mobile device management.

The company already had a troublesome year regarding security. In March 2022, Okta confirmed a data breach by the ransomware group LAPSUS$, and in September, Auth0, which is owned by Okta, reported the theft of its old source code.

Possible Repercussions?

There’s no doubt that source code is a valuable asset, and its stealing or leaking can have far-reaching consequences. Okta, a mainstream authentication platform, should be really…

Source…

Pivoting In Metasploit – Metasploit Minute [Cyber Security Education]

/in



Luca Stealer malware spreads after code appears on GitHub • The Register

/in


A new info-stealer malware is spreading rapidly in the wild as the developer behind it continues to add capabilities and recently released the source code on GitHub.

In addition, the Windows software nasty – dubbed Luca Stealer by the folks at Cyble who detected it – is the latest to be built using the Rust programming language.

The researchers wrote in a report that Luca Stealer already has been updated three times, with the developer adding multiple functions, and that they have seen more than 25 samples of the source code in the wild since it was shared via GitHub on July 3, which may lead to wider adoption by the cybercriminal community.

“The developer of the stealer appears to be new on the cybercrime forum and likely leaked the source code of the stealer to build a reputation for themselves,” the researchers wrote. “The developer has also provided the steps to modify the stealer and compile the source code for ease of use.”

They noted that Rust is becoming a go-to programming language for malware developers because of its versatility, cross-platform nature, and that the generated code can seem alien to some reverse engineers and their tools, hindering analysis. The prolific Hive ransomware crew this year migrated its source code from Go to Rust, which analysts with Microsoft’s Threat Intelligence Center earlier this month said made the exortionware more stable and more difficult to reverse engineer.

Other threat groups also are adopting Rust, including the BlackCat ransomware-as-a-service gang. In addition, Kaspersky security researchers this month wrote about a new ransomware family – Luna – that is written in Rust. We’re not too surprised by this: Rust is seen as an up and coming general-purpose language that programmers are using for all kinds of projects, legit and malicious.

“Rust is to C as Go is to Java,” Casey…

Source…

Metasploit Framework Github Setup on Kali Linux – Metasploit Minute [Cyber Security Education]

/in