Cyber security news for all


    A vulnerability in GitHub allows mails to be redirected

    GitHub has issued security warnings in a short period of time, one of which relates generally to Git version management and the second relates to phishing emails to platform users. Both attack vectors can be dealt with by the measures offered.

    There is an update for Git, and clicking on a link to a log in page in a mail that appears to be trustworthy, but it is unclear.

    The attackers can inject any data into the protocol stream of the credential helper program using specially tailored URLs that contain a line break. The latter then carries out an HTTP request to the credentials instead of the original server. The server names can be any, so that attackers can redirect the request to each host.

    GitHub Also Warns Of A Current Phishing Attack Wave

    This at first glance uses fake emails and different tactics. The emails come from legitimate domains. The attackers fetch the email addresses from public commits and disguise the redirection to the target website, sometimes several times, using redirects and short URL services.

    Those who use hardware security keys are on the safe side, but the attackers redirect codes in real time and use them immediately. The attackers then frequently download the contents of the repositories directly. In addition, they create personal access tokens in hacked accounts or enable access to applications so that they can be accessed even after the password has been changed by the legitimate users.

    Clicking on links to a log-in page is unclear even with the most serious looking emails. If you are unsure about the supposed changes to the account, you should choose the direct route. If it is already too late, users will definitely have to change their password directly and check their personal access tokens.

    Recent Articles

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Vodafone experiences a vulnerability with fatal effects

    The injected JavaScript can access the session cookies from Vodafone website and send them to a server. An attacker can take over the session...

    Maze leaks data on its own platform

    The Maze ransomware has been up to almost a year and a half. This week, security experts warned about the actions of the cyber...

    Emotet to spread the malware behind email archives

    If you find an attached pack to an email these days, you should be particularly careful: the highly developed malware Emotet could be lurking...

    500,000 Activision accounts have been leaked

    Activision has taken a position on the alleged leak. According to the publisher, there has never been a data leak. In some cases it is...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox