Keeping your open source credentials closed
10y agoen
Source
Leaking credentials means exposing secrets that provide access to different accounts. The most common types of leaked credentials are passwords, API keys and SSH private keys. In this post, we discuss best practices you can establish as part of your flow to introduce multiple layers of defense that help prevent mistakes.
You might also wanna read

Guest Post: How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets ◆ Truffle Security Co.
trufflesecurity.com·1y agoCISA Contractor Exposed AWS GovCloud Credentials on Public GitHub Repository
A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository until recently that exposed
krebsonsecurity.com·1mo ago
CISA Contractor Exposed AWS GovCloud Credentials on Public GitHub Repository
A contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository until recently that exposed
krebsonsecurity.com·1mo ago

WAF - Updated leaked credentials database
Cloudflare·1y ago
CISA Exposed Its Own Cloud Storage Credentials in Plain Text on Public GitHub Repository
CISA, the U.S. Cybersecurity and Infrastructure Security Agency, left its own cloud storage digital keys (passwords) exposed in plain text o
CISA Contractor Leaks AWS GovCloud Keys and Agency Secrets on Public GitHub; Lawmakers Demand Answers
A CISA contractor with administrative access intentionally published AWS GovCloud keys and other sensitive agency secrets on a public GitHub
krebsonsecurity.com·1mo ago
Security Researchers Find Widespread Exposure of Sensitive Passwords and Credentials Online
The article discusses the widespread problem of users exposing sensitive credentials like passwords, secrets, and keys on public websites an
labs.watchtowr.com·7mo ago
Comments
Sign in to join the conversation.
No comments yet. Be the first.