Ethical Hacking News
Cisco confirms that data published on its DevHub platform was taken from a public-facing environment, sparking concerns about the vulnerability of public-facing platforms to cyber-attacks. The company's investigation into the breach is ongoing, and preliminary findings suggest that attackers obtained sensitive information, including Github projects, Gitlab Projects, SonarQube projects, Source code, hard-coded credentials, Certificates, Customer SRCs, Confidential Documents, Jira tickets, API tokens, AWS Private buckets, company Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products, and other information.
Cisco confirmed that data was stolen from its public-facing DevHub environment. The data was posted on a cybercrime forum by notorious threat actor IntelBroker. Preliminary findings suggest the attackers obtained the data from a public-facing DevHub environment. DevHub is vulnerable to cyber-attacks due to its open nature, highlighting the need for better access controls. Cisco has disabled public access to the site while investigating the breach and reviewing its security measures.
Cisco, a leading networking giant, has confirmed that data published on a cybercrime forum was taken from its public-facing DevHub environment. The company, which provides a range of development resources, including SDKs, documentation, and sample code, for customers to use as needed, announced the breach in an update published on October 21, 2024.
According to Cisco, the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. IntelBroker claimed to have gained access to a wide range of sensitive information, including Github projects, Gitlab Projects, SonarQube projects, Source code, hard-coded credentials, Certificates, Customer SRCs, Confidential Documents, Jira tickets, API tokens, AWS Private buckets, company Technology SRCs, Docker Builds, Azure Storage buckets, Private & Public keys, SSL Certificates, Cisco Premium Products, and other information.
The company's investigation into the alleged security incident is still ongoing, but preliminary findings suggest that the attackers obtained the data from a public-facing DevHub environment. This raises concerns about the vulnerability of public-facing platforms to cyber-attacks and the potential risks associated with sharing sensitive information in an open environment.
DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Cisco's technologies. It provides a range of development resources, including SDKs, documentation, sample code, and learning materials for networking, security, and cloud infrastructure. The fact that the breach occurred in a public-facing environment highlights the need for organizations to review their access controls and ensure that sensitive information is not inadvertently shared.
IntelBroker targeted many major organizations in past attacks, including AMD, AT&T, Bank of America, Microsoft, Europol, SAP, T-Mobile, Verizon, and others. The fact that Cisco has been breached by a similar threat actor raises concerns about the effectiveness of the company's security measures and the potential risks associated with using similar platforms.
Cisco has disabled public access to the site while it continues its investigation into the breach. The company will engage directly with customers if it determines they have been impacted by this event. In addition, Cisco will review its access controls and ensure that sensitive information is not inadvertently shared in the future.
The breach highlights the importance of cybersecurity awareness and the need for organizations to take proactive measures to protect themselves against cyber-attacks. It also underscores the need for companies like Cisco to review their security measures and ensure that they are effective in preventing similar breaches from occurring.
In conclusion, the recent breach at Cisco's DevHub environment raises concerns about the vulnerability of public-facing platforms to cyber-attacks and the potential risks associated with sharing sensitive information in an open environment. The company's investigation into the breach is ongoing, but preliminary findings suggest that the attackers obtained the data from a public-facing DevHub environment.
Related Information:
https://securityaffairs.com/170075/cyber-crime/cisco-confirms-a-security-breach.html
Published: Mon Oct 21 17:15:08 2024 by llama3.2 3B Q4_K_M
