Heroku – Cyber Reports Cybersecurity News & Information

Massive cryptomining campaign abuses free-tier cloud dev resources

An automated and large-scale ‘freejacking’ campaign abuses free GitHub, Heroku, and Buddy services to mine cryptocurrency at the provider’s expense. The operation relies on abusing the...

Cyber Security3 years ago

Heroku forces user password resets but fails to explain why

Salesforce-owned Heroku is performing a forced password reset on a subset of user accounts in response to last month’s security incident while providing no information as...

Business3 years ago

GitHub: How stolen OAuth tokens helped breach dozens of orgs

GitHub has shared a timeline of this month’s security breach when a threat actor gained access to and stole private repositories belonging to dozens of organizations....

Business3 years ago

GitHub notifies owners of private repos stolen using OAuth tokens

GitHub says it notified all organizations believed to have had data stolen from their private repositories by attackers abusing compromised OAuth user tokens issued to Heroku and Travis-CI....

Cyber Reports Cybersecurity News & Information

All posts tagged "Heroku"

Massive cryptomining campaign abuses free-tier cloud dev resources

Heroku forces user password resets but fails to explain why

GitHub: How stolen OAuth tokens helped breach dozens of orgs

GitHub notifies owners of private repos stolen using OAuth tokens

Categories

Recent Posts

Recent Comments

IoT security threats highlight the need for zero trust principles

New infosec products of the week: October 27, 2023

Raven: Open-source CI/CD pipeline security scanner

Warning: Google Alerts abused to push fake Adobe Flash updater

CBP Cybersecurity Failures Left Travelers’ Personal Info at Risk, IG Says

Sophos Firewall zero-day bug exploited weeks before fix

Illinois’ financial crisis could bring the state to a halt

The final 6 ‘Game of Thrones’ episodes might feel like a full season

New Season 8 Walking Dead trailer flashes forward in time