VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

CISA: Publicly Exposed Passwords and Cloud Keys — A Cybersecurity Lesson

CISA: публично обнаружены пароли и облачные ключи — урок для кибербезопасности

Colleagues, please note: a disclosure of exposed credentials granting access to CISA resources has been identified in the cybersecurity field.

In brief:
- A GitGuardian researcher found public spreadsheets on GitHub containing plaintext keys, tokens and files published by a CISA contractor employee.
- The researcher validated some keys; the contractor did not respond to notifications, and CISA has not yet commented on whether the data were used.

Why it matters: an agency that issues security guidance must demonstrate robust secret-storage practices and vendor oversight.

Which secret-management controls for contractors do you consider priorities?

#cybersecurity #CISA #security #DevSecOps

Latest comments

No comments yet.