Secure Projects With One Piece of Code

Leaking secrets such as API keys in GitHub repositories is dangerous. How dangerous? It once caused Uber to leak the contact details of 75m users. Bots crawl all over GitHub looking for secret keys, as a developer served with a $2,375 Bitcoin mining bill found.

Adrian Colyer drew my attention to a paper that shows that such secret leakage is widespread, finds that various existing solutions are ineffective, and suggests a set of regular expressions that the authors found to be more dependable for handling common secret types. See Adrian’s summary in the morning paper.
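To make the regular-expression approach concrete, here is an added example of a scanner that checks text for a few secret formats before it is committed. It is not the paper's regex set or the code from the full article; the three patterns are assumptions based on publicly documented token formats, and the sample input is constructed.

```python
import re
import sys

# Assumed patterns for publicly documented token formats (illustrative,
# not the regex set from the paper).
PATTERNS = {
    "aws_access_key_id": re.compile(r"(?<![0-9A-Z])AKIA[0-9A-Z]{16}(?![0-9A-Z])"),
    "google_api_key": re.compile(
        r"(?<![0-9A-Za-z_-])AIza[0-9A-Za-z_-]{35}(?![0-9A-Za-z_-])"),
    "private_key_block": re.compile(
        r"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
}

def redact(value, keep=4):
    """Show only a short prefix so the report does not leak the secret again."""
    return value[:keep] + "*" * (len(value) - keep)

def scan(text, path="<stdin>"):
    """Return (path, line number, pattern name, redacted match) per finding."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        for name, rx in PATTERNS.items():
            for m in rx.finditer(line):
                findings.append((path, lineno, name, redact(m.group(0))))
    return findings

# Constructed sample input: no value here is a live credential.
SAMPLE = "\n".join([
    'region = "us-east-1"',
    'aws_key = "AKIAIOSFODNN7EXAMPLE"',        # AWS documentation example key
    'short = "AKIA1234"',                       # too short, must not match
    'maps_key = "' + "AIza" + "A" * 35 + '"',  # constructed placeholder
    "-----BEGIN RSA PRIVATE KEY-----",
])

if __name__ == "__main__":
    # Example use in a pre-commit hook (script name is hypothetical):
    #   git diff --cached -U0 | python scan_secrets.py
    hits = scan(sys.stdin.read())
    for path, lineno, name, shown in hits:
        print(f"{path}:{lineno}: possible {name}: {shown}")
    sys.exit(1 if hits else 0)  # non-zero exit blocks the commit
```
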

Read full article on DZone
