Every developer knows that it’s a bad idea to hardcode security credentials into source code. Yet it happens and when it does, the consequences can be dire. Until now, GitHub only made its secret scanning service available to paying enterprise users who paid for GitHub Advanced Security, but starting today, the Microsoft-owned company is making its secrets scanning service available for all public GitHub repos for free.
In 2022 alone, the company notified partners in its secret scanning partner program of moew than 1.7 million potential secrets that were exposed in public repositories. The service scans repositories for over 200 known token formats and then alerts partners of potential leaks — and you can define your own regex patterns, too.
sourse: https://techcrunch.com/
Cloud computing giant Rackspace has confirmed hackers accessed customer data during last month’s ransomware attack. The attack, which Rackspace first confirmed on December 6, impacted the company’s hosted Exchange email environment, forcing the web giant to shut down the hosted email service following the incident. At the time, Rackspace said it was unaware “what, if […]
ate on Friday, Twitter announced a new policy that will remove text message two-factor authentication (2FA) from any account that won’t pay for it. In a blog post, Twitter said that it will only allow accounts that subscribe to its premium Twitter Blue feature to use text message-based 2FA. Twitter users that don’t switch to a different […]
U.S. officials say they have seized dozens of domains linked to some of the world’s leading distributed-denial-of-service-for-hire websites. But TechCrunch found that several of the seized sites are still online. In a press release on Wednesday, the U.S. Department of Justice announced the takedown of 48 domains associated with some of the world’s most popular […]
Leave a Reply