Connect with us

News

US cyber agency CISA exposed reams of passwords and cloud keys to the open web

info

Published

on

Cisa 2240293485.jpg

U.S. cybersecurity agency CISA may have escaped a sizable security breach, thanks to a good-faith security researcher who identified publicly exposed credentials that allowed access to government cloud and internal agency systems.

As first reported by independent security reporter Brian Krebs, GitGuardian security researcher Guillaume Valadon found reams of exposed plaintext credentials listed in spreadsheets, which had been made publicly accessible in a GitHub repository by an employee working for a CISA contractor.

Valadon told Krebs that the exposed credentials were used for accessing systems belonging to CISA and its parent agency, the Department of Homeland Security. Valadon said the credentials included access tokens, cloud keys, and other sensitive files. Valadon told Krebs that he tested some of the keys to verify that they were valid. 

He then reported the lapse to Krebs because the CISA contractor who maintained the GitHub environment did not respond to their alerts.

The security lapse is particularly embarrassing for CISA because the U.S. government agency is responsible for cybersecurity across the civilian federal network. The organization also advises on best cybersecurity practices, which includes storing passwords in secured password managers and not in unprotected spreadsheets.

It’s not clear if anyone found or used the credentials other than Valadon. When reached by TechCrunch, a CISA spokesperson did not immediately comment or say if the agency has any evidence of a breach stemming from this exposure. TechCrunch asked if the agency has revoked and replaced the exposed credentials following the incident.

While the incident was traced back to an employee working for a CISA contractor, CISA is ultimately responsible for the security of its own network and systems, including contractors who work for the agency.

CISA has been without a permanent director since January 20, 2025, when then-CISA director Jen Easterly stepped down ahead of the start of the incoming Trump administration. CISA has also lost about a third of its workforce following cuts, furloughs, and layoffs since Trump took office.

When you purchase through links in our articles, we may earn a small commission. This doesn’t affect our editorial independence.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

News

2027: ‘NDC new direction for Nigeria’ – OK Movement

info

Published

on

By

Nigeria Democratic Party NDC.jpg

The OK Movement has said that the Nigeria Democratic Congress, NDC, remains committed to delivering a new direction for Nigeria.

The Movement said this on Tuesday in a post on its verified X handle.

This came after the the meeting between the Vice-presidential candidate and the national leader of the party on Tuesday.

“With both our presidential and vice-presidential candidates duly uploaded, the NDC remains united, focused, and fully committed to delivering a new direction for Nigeria.

“The National Leader of the NDC, Seriake Dickson, today held a strategic meeting with our Vice Presidential Candidate, Rabiu Musa Kwankwaso.

“We are pleased to announce that Kwankwaso has been successfully uploaded to the INEC portal as the duly nominated Vice Presidential Candidate of the NDC for the 2027 Presidential Election.

“Nigeria Will Be OK,” the Movement wrote.

Continue Reading

News

NDC: Politicians detest judiciary when it goes against them – Gov Sani

info

Published

on

By

Uba Sani 1.jpg


Kaduna State Governor, Uba Sani, has called on Nigerian politicians to desist from politicising everything, including judicial matters, stating that it is not healthy for the nation’s democracy.

Sani made this remark on Tuesday when he featured in an interview on Arise Television’s ‘Prime Time’.

He was speaking on the recent court judgement on the Nigeria Democratic Congress, NDC.

Recall that a Federal High Court in Lokoja, Kogi State, set aside its earlier judgment directing the Independent National Electoral Commission, INEC, to register the NDC as a political party.

Reacting, Sani said, “When it favours politicians, they feel the judiciary is the best place to go, when it goes against them, they feel the judiciary is the worst place to go.

“For some of us that believe in democracy and the rule of law, we have to be very careful. Politicizing every issue is not healthy for us, because many actors that are involved in this NDC issue have been beneficiaries of the judiciary.

“Maybe you have to cast your mind back that even the NDC presidential candidate, Peter Obi, was also someone that benefited from a very strong judicial pronouncement when he was governor of Anambra state.”

Continue Reading

Trending