Cyber security news for all

More

    Cyberattack Claims On Github Have Microsoft In A Fix

    A hacker has come forward, claiming to have obtained over 500GB of ASCII text files from Microsoft’s personal GitHub archive. The service posted screenshots that attests it likely that the files obtained was on the 28th of March.

    There has been great controversy over the files as the hacker forum post offering it for no cost at all. He tends to exaggerate its actual size, claiming the file on compressing it is 54GB and 500GB when you uncompress. In fact, on compressing, it is 64 GB; research attests to this.

    However, the leaked data includes source codes for Azure, Office, and some Windows runtime files and APIs. Also, the files did not appear to include anything sensitive they probably contain passwords left by mistake in the code.

    Dustin Metzgar, a former Microsoft software engineer for nearly ten years, says the code is unlikely to contain such data. This is because the tech giant puts in enormous effort and time to ensure removal of secrets from source code.

    Metzgar tweeted that there are check-in gates and routine scans for anything that looks like a secret. Making real efforts though, rotating all certs and secrets as well. Nothing is foolproof.

    Microsoft spokesperson confirmed that the company has declared cognizance of the allegement and has duly kickstarted an investigation, but there was no divulging of additional information. A Microsoft staff had responded to the Twitter post, claiming that the leak was a sham. Interestingly, the same staff took down the tweet quite shortly after. It is, in fact, worth the mention that Microsoft owns GitHub.

      Appears to be real

    Another twitter user, Nirmal Guru says the leaked source code appears to be real. He however casts the venture off as worthless and unbecoming as  Microsoft reveals to the public at one stage or the other all private repositories on GitHub.

    However, this seems to be far from the last of our worries as Under The Breach, a reputable source indeed, has reported that the cybercriminal responsible for this hack has also only recently leaked 15 million records stolen from Tokopedia, an e-commerce company based in Indonesia.

    Recent Articles

    Unauthorized access at Scalable Capital

    There has apparently been unauthorized access to individual data at Scalable Capital. The company informed its customers about the incident by mail yesterday, referring...

    The US accuses Russian officers of being in charge for cyber attacks

    The US government has brought charges against Russians who are alleged to have been involved in various cyber attacks as officers of the military...

    Twitter changed its rules for dealing with hacked data

    On Friday night, access to Twitter was disconnected for about two hours. The Chief Engineer announced that the reason was a rebuild in the...

    Norway sees Russia as the perpetrator of the cyber attack

    "It is important that our government refuses to send the Russians a clear sign that we do not know," said the Norway government. According...

    Phishing mail with an incorrect form for Corona bridging aid

    The representation of the European Commission warned of a phishing attempt targeting small and medium sized enterprises. Under the pretext for corona bridging aid,...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox