There’s no shortage of cyber-attacks making the headlines, but what do they mean for you?

At CyberCX, we keep a close eye on the news to identify reports of the latest trends, issues and exploits.

Here we present a selection of recent news stories that caught our attention, and the important lessons we can learn to keep secure.

Read the full story

ShinyHunters, a notorious cyber criminal group that’s been responsible for numerous data breaches since last year, has been observed searching companies’ GitHub repository source code for vulnerabilities and credentials.

The group has a history of compromising developer code repositories, such as GitHub, to steal credentials or API keys to a company’s cloud services. These are subsequently used to gain access to databases and gather sensitive information to be resold for profit or published for free on hacker forums.

Researchers claim that the group has exposed more than 1.12 million unique email addresses belonging to S&P 100 organisations, education, government and military entities as of late 2020. It is estimated that approximately 20% of all breaches occur as a result of compromised credentials.

Whilst ShinyHunters may not have the notoriety of other ransomware groups, monitoring malicious actors operating in repositories is crucial to preventing an organisation being compromised. It is thought that last year’s SolarWinds winds breach may have stemmed from credentials being inadvertently left in code that was stored in an open source repository.

This is an important reminder to all code developers to ensure that all credentials are removed from any code before storing it in any repositories such as GitHub. Having independent source code reviews throughout the software development cycle can help ensure such information remain confidential.

Read the full story

APIs have become indispensable business tools for many organisations who rely on them to connect multiple applications. Due to the fact that APIs enable large volumes of data transmission, they have long been an attractive target for attackers.

Without proper security testing, APIs can become a perfect point of attack. Due to the fact they are trusted by an application, APIs should be a cause for concern for all organisations that are utilising them.

Researchers have identified the following three common API vulnerabilities all organisations should be addressing:

1. Broken Object Level Authorisation (BOLA) which allows an attacker to perform an unauthorised action by reusing an access token.
2. Broken User Authentication which allows attackers to impersonate legitimate users.
3. Improper Assets Management which allows attackers to access under-secured API endpoints.

Ensuring the applications in your environment are not vulnerable to these three possible API bugs is critical. With expert API penetration testing, your organisation will be able to test the APIs connecting your applications to ensure they are not open to exploitation which can result in large-scale data breaches.