Fresh From The Docks: Uncovering 100,000 Valid Secrets in DockerHub

This post details the methodology used to scan 15 million Docker images, uncovering a staggering 100,000 valid secrets, including AWS, GCP, and GitHub tokens belonging to Fortune 500 companies. This emphasizes the critical need for improved security practices in containerized environments ...
Security First, Transparency Always: Inside GitGuardian’s Responsible Disclosure Process

Security Research
In the past 6 months, our security research team disclosed 24 critical vulnerabilities. Most have been successfully remediated. Our team's contributions to cybersecurity have been formally recognized, with our researchers being listed in both Bayer's and Oracle's Security Researcher Hall of Fame ...
What Happened in the U.S. Department of the Treasury Breach? A Detailed Summary

Breach explained
The U.S. Department of the Treasury suffered a major security incident when a Chinese threat actor compromised its third-party cybersecurity service BeyondTrust. The attackers obtained an API key that allowed them to bypass security measures and access unclassified documents ...
The Ultralytics Supply Chain Attack: Connecting the Dots with GitGuardian’s Public Monitoring Data

Security Research
On December 4, 2024, the Ultralytics Python module was backdoored to deploy a cryptominer. Using GitGuardian’s data, we reconstructed deleted commits, connecting the dots with the initial analysis. This investigation highlights the value of GitGuardian’s data in understanding supply chain attacks ...
Black Alps 2024: Highlights from Switzerland Cybersecurity Ecosystem

Conferences
Come for the cybersecurity insights, stay for the raclette! Black Alps 2024 packed in Swiss charm with technical talks, a hacker's raclette dinner, and conference-logo chocolates. A perfect mix of threats, treats, and networking ...
Add GitGuardian Secrets Detection To Jira Cloud

The extent of Hardcoded Secrets: From Development to Production

Secrets detection
While code repositories are the major source, GitGuardian data reveals the full scope of secret sprawl: for every 42 secrets found in code, 1 is found in ticketing systems like JIRA; for every 21, 1 is in collaboration tools like Confluence; and for every 9, 1 is in messaging systems ...
Docker Zombie Layers: Why Deleted Layers Can Still Haunt You

Docker Zombie Layers are unreferenced image layers that continue to exist for weeks in registries, even after being removed from a manifest. In this hands-on deep dive, we explore how these layers can persist in registries and why ensuring the immediate revocation of exposed secrets is critical ...
How Popular Malware Is Stealing Credentials and What You Can Do About It

Secrets detection
Credentials are prime targets for attackers, as they make it easy to access resources as legitimate users without discovering vulnerabilities or using technical exploits. Malware authors know how interesting these low-hanging fruits are and are coming after your secrets! ...
Demystifying GitHub Cached Views – The Hidden Danger

Some explanations about the hidden danger of GitHub features that allow anyone to access commits you thought had been deleted ...