serisec

Category: Cybersecurity & Infrastructure Security Agency

  • CISA Admin Leaked AWS GovCloud Keys on Github

    CISA Admin Leaked AWS GovCloud Keys on Github Until this past weekend, a contractor for the Cybersecurity & Infrastructure Security Agency (CISA) maintained a public GitHub repository that exposed credentials to several highly privileged AWS GovCloud accounts and a large number of internal CISA systems. Security experts said the public archive included files detailing how…

  • Microsoft Fix Targets Attacks on SharePoint Zero-Day

    Microsoft Fix Targets Attacks on SharePoint Zero-Day On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vulnerability in SharePoint Server that is actively being exploited to compromise vulnerable organizations. The patch comes amid reports that malicious hackers have used the SharePoint flaw to breach U.S. federal and state agencies, universities, and…