Ethical Hacking News Hubb
Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts

by admin
September 23, 2022
in Ethical Hackers


GitHub has put out an advisory detailing what may be an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform.

The Microsoft-owned code hosting service said it learned of the attack on September 16, 2022, adding the campaign impacted “many victim organizations.”

The fraudulent messages claim to notify users that their CircleCI sessions have expired and that they should log in using GitHub credentials by clicking on a link.

Another bogus email revealed by CircleCI prompts users to sign in to their GitHub accounts to accept the company’s new Terms of Use and Privacy Policy by following the link embedded in the message.

Regardless of the lure, following the link lands the target on a lookalike GitHub login page that captures the entered credentials together with the time-based one-time password (TOTP) code and relays them to the attacker in real time. Because the stolen code is submitted to the real GitHub before its short validity window closes, the attacker authenticates as the victim, effectively bypassing 2FA.

“Accounts protected by hardware security keys are not vulnerable to this attack,” GitHub’s Alexis Wales said.
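The real-time relay described above, and the origin binding behind the quoted point about hardware keys, as an added model (not GitHub's, CircleCI's, or the advisory's code). The site names, password, secrets and timestamps are constructed, and the FIDO2 assertion is reduced to a MAC over origin and challenge so the binding can be shown without a real signature. It also covers two edge cases the article only implies: a code relayed too late, and a code replayed after it has already been used.

```python
"""Model of the real-time TOTP relay described in the advisory, next to an
origin-bound (WebAuthn-style) check that the same relay cannot defeat.
Added illustration, not GitHub's or CircleCI's code; the site names,
secrets and timestamps are constructed."""
import hashlib
import hmac
import struct
from dataclasses import dataclass, field

REAL_ORIGIN = "https://github.com"            # the genuine site (assumed)
FAKE_ORIGIN = "https://github-login.example"  # constructed lookalike domain


def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP over HMAC-SHA1, i.e. what an authenticator app shows."""
    counter = struct.pack(">Q", now // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def key_assertion(key_secret: bytes, challenge: bytes, origin: str) -> bytes:
    """Toy stand-in for a FIDO2 assertion: the browser's origin is part of the
    signed data, so a key used on the wrong domain produces a useless value."""
    return hmac.new(key_secret, origin.encode() + challenge, hashlib.sha256).digest()


@dataclass
class RealSite:
    """The genuine login endpoint: password + TOTP, or an origin-bound key."""
    password: str
    totp_secret: bytes
    key_secret: bytes                     # the registered key's secret (model)
    used_codes: set = field(default_factory=set)

    def login_totp(self, password: str, code: str, now: int) -> bool:
        if password != self.password:
            return False
        # Accept the current 30 s window and the previous one (clock skew) but
        # never the same code twice: a stolen code works once and only in time.
        fresh = any(code == totp(self.totp_secret, now - skew) for skew in (0, 30))
        if fresh and code not in self.used_codes:
            self.used_codes.add(code)
            return True
        return False

    def login_key(self, challenge: bytes, assertion: bytes) -> bool:
        # The relying party checks against ITS OWN origin, not whatever origin
        # the victim's browser happened to be on.
        expected = key_assertion(self.key_secret, challenge, REAL_ORIGIN)
        return hmac.compare_digest(expected, assertion)


def phish_and_relay_totp(site: RealSite, victim_secret: bytes, password: str,
                         typed_at: int, relayed_at: int) -> bool:
    """Adversary-in-the-middle: the lookalike page collects the password and
    the TOTP the victim types at typed_at, and the attacker submits both to
    the real site at relayed_at. Works only while the code is still valid."""
    stolen_code = totp(victim_secret, typed_at)
    return site.login_totp(password, stolen_code, relayed_at)


def phish_and_relay_key(site: RealSite, key_secret: bytes, challenge: bytes) -> bool:
    """Same attack against a hardware key: the victim's authenticator signs
    the challenge but binds it to FAKE_ORIGIN, which the real site rejects."""
    stolen_assertion = key_assertion(key_secret, challenge, FAKE_ORIGIN)
    return site.login_key(challenge, stolen_assertion)


if __name__ == "__main__":
    secret, key = b"12345678901234567890", b"constructed-key-secret"
    site = RealSite("hunter2", secret, key)
    print("relay within window  :", phish_and_relay_totp(site, secret, "hunter2", 1000, 1005))
    print("replay of used code  :", phish_and_relay_totp(site, secret, "hunter2", 1000, 1006))
    print("relay 90 s late      :", phish_and_relay_totp(site, secret, "hunter2", 1000, 1090))
    print("relay vs hardware key:", phish_and_relay_key(site, key, b"server-nonce"))
```

The first call succeeds because the attacker submits the code within the same 30-second window the victim typed it in; the second fails because the site refuses a code it has already accepted; the third fails because the window has passed. The key-based login fails regardless of timing, since the assertion carries the lookalike origin and the real site only accepts assertions computed over its own.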

Once it has gained unauthorized access to an account, the threat actor has been observed creating GitHub personal access tokens (PATs), authorizing OAuth applications, or adding SSH keys so that its access survives a password change.

The attacker has also been spotted downloading private repository contents, and even creating and adding new GitHub accounts to an organization should the compromised account have organization management permissions.

GitHub said it has taken steps to reset passwords and remove maliciously-added credentials for impacted users, alongside notifying those affected and suspending the actor-controlled accounts. It did not disclose the scale of the attack.
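An added triage script for the post-compromise activity the advisory describes (persistence via new SSH keys, OAuth grants and PATs, added organization members, and private repository downloads), run over a constructed audit-log export. This is not GitHub's code: the JSON field names and action strings are assumed to follow GitHub's audit-log vocabulary and should be checked against your own export, and every entry below is constructed. It goes one step beyond the article by correlating each suspicious action with whether the actor's source address was ever seen before the incident window, which is the signal to chase first when deciding whose keys and tokens to revoke.

```python
"""Triage of a GitHub audit-log export for the post-compromise actions the
advisory lists: new SSH keys, OAuth grants and PATs for persistence, added org
members, and private repository downloads. Added example, not GitHub's code.
The JSON field names and action strings are assumed to follow GitHub's
audit-log vocabulary; check them against your own export. Sample entries are
constructed."""
import json
from collections import defaultdict

# Action strings grouped by what the actor gains from them (assumed names).
PERSISTENCE = {"public_key.create", "oauth_authorization.create",
               "personal_access_token.access_granted"}
ORG_TAKEOVER = {"org.add_member", "org.invite_member"}
EXFIL = {"repo.download_zip"}

INCIDENT_START_MS = 1663286400000  # constructed: start of the suspect period

# Constructed newline-delimited export, one JSON object per line.
SAMPLE_LOG = """
{"action":"repo.create","actor":"mona","actor_ip":"198.51.100.5","created_at":1663000000000,"repo":"acme/web"}
{"action":"repo.create","actor":"octocat","actor_ip":"198.51.100.8","created_at":1663000500000,"repo":"acme/api"}
{"action":"public_key.create","actor":"mona","actor_ip":"203.0.113.7","created_at":1663300000000}
{"action":"oauth_authorization.create","actor":"mona","actor_ip":"203.0.113.7","created_at":1663300060000}
{"action":"repo.download_zip","actor":"mona","actor_ip":"203.0.113.7","created_at":1663300120000,"repo":"acme/secrets"}
{"action":"org.add_member","actor":"mona","actor_ip":"203.0.113.7","created_at":1663300180000,"org":"acme","user":"new-contractor"}
{"action":"public_key.create","actor":"octocat","actor_ip":"198.51.100.8","created_at":1663301000000}
{"action":"repo.create","actor":"hubot","actor_ip":"198.51.100.9","created_at":1663302000000,"repo":"acme/bot"}
"""


def parse_export(text: str) -> list:
    """Parse a newline-delimited JSON export into event dicts."""
    return [json.loads(line) for line in text.strip().splitlines() if line.strip()]


def baseline_ips(events: list, before_ms: int) -> dict:
    """Source addresses each actor used before the suspect period began."""
    seen = defaultdict(set)
    for ev in events:
        if ev["created_at"] < before_ms and ev.get("actor_ip"):
            seen[ev["actor"]].add(ev["actor_ip"])
    return seen


def triage(events: list, since_ms: int) -> dict:
    """Return, per actor with at least one suspicious action after since_ms,
    the actions taken (with their target where the entry names one) and any
    source IP not seen for that actor beforehand."""
    known = baseline_ips(events, since_ms)
    findings = defaultdict(lambda: {"new_ips": set(), "persistence": [],
                                    "org_takeover": [], "exfil": []})
    for ev in sorted(events, key=lambda e: e["created_at"]):
        if ev["created_at"] < since_ms:
            continue
        actor, action, ip = ev["actor"], ev["action"], ev.get("actor_ip")
        bucket = ("persistence" if action in PERSISTENCE else
                  "org_takeover" if action in ORG_TAKEOVER else
                  "exfil" if action in EXFIL else None)
        if bucket is None:
            continue
        target = ev.get("repo") or ev.get("user") or ev.get("org") or ""
        findings[actor][bucket].append((action, target))
        if ip and ip not in known[actor]:
            findings[actor]["new_ips"].add(ip)
    return dict(findings)


def priority(findings: dict) -> list:
    """Actors ordered so that persistence from a never-seen IP comes first."""
    def score(item):
        _, f = item
        return (bool(f["new_ips"]), bool(f["persistence"]), len(f["exfil"]))
    return [actor for actor, _ in sorted(findings.items(), key=score, reverse=True)]


if __name__ == "__main__":
    results = triage(parse_export(SAMPLE_LOG), INCIDENT_START_MS)
    for actor in priority(results):
        f = results[actor]
        print(actor, "new IPs:", sorted(f["new_ips"]),
              "persistence:", f["persistence"],
              "org:", f["org_takeover"], "exfil:", f["exfil"])
```

On the constructed sample, "mona" surfaces first: key and OAuth persistence, a private repository download and an added org member, all from an address never seen for that account. "octocat" added a key from a known address and is reported for a human to confirm, and "hubot" is not reported because none of its actions fall in the suspicious sets. The revocation list GitHub describes (keys, tokens, OAuth grants, added accounts) falls directly out of the per-actor buckets.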

The company is further urging organizations to consider using phishing-resistant hardware security keys to prevent such attacks: a FIDO2/WebAuthn key signs a challenge bound to the site origin, so an assertion obtained on a lookalike domain is rejected by the real one.

The latest phishing attack comes a little over five months after GitHub suffered a highly targeted campaign that resulted in the abuse of third-party OAuth user tokens maintained by Heroku and Travis CI to download private repositories.





© 2022 Ethical Hacking News Hubb All rights reserved.
