GitHub Archives - Help Net Security

GitHub

Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations

January 16, 2020

Fugue has open sourced Regula, a tool that evaluates Terraform infrastructure-as-code for security misconfigurations and compliance violations prior to deployment. Regula …

WhiteSource now supports GitHub Packages

November 18, 2019

WhiteSource, the leader in open source security and license compliance management, announced support for GitHub Packages and with it the ability to automate container …

GitHub Security Lab aims to make open source software more secure

November 15, 2019

GitHub, the world’s largest open source code repository and leading software development platform, has launched GitHub Security Lab. “Our team will lead by …

GitHub announces wider array of 2FA options, including security keys and biometrics

August 26, 2019

GitHub has started supporting the Web Authentication (WebAuthn) web standard, allowing users to use security keys for two-factor authentication with a wide variety of browsers …

GitHub introduces Dependabot-powered automated security fixes

May 28, 2019

GitHub, the largest code-hosting site in the world, has announced many new features and changes at the 2019 GitHub Satellite conference that took place last week in Berlin. …

Attackers breached Docker Hub, grabbed keys and tokens

April 29, 2019

Docker, the company behing the popular virtualization tool bearing the same name, has announced late on Friday that it has suffered a security breach. There was no official …

GitHub adds Python support for security alerts

July 17, 2018

GitHub has announced that its recently introduced feature for alerting developers about known vulnerabilities in software packages that their projects depend on will now also …

AutoSploit: Automated mass exploitation of remote hosts using Shodan and Metasploit

February 1, 2018

A “cyber security enthusiast” that goes by VectorSEC on Twitter has published AutoSploit, a Python-based tool that takes advantage of Shodan and Metasploit modules …

GitHub starts alerting developers of security vulnerabilities in dependencies

November 20, 2017

Popular Git repository hosting service GitHub has introduced a new feature to help developers keep their projects safer: security alerts for vulnerabilities in software …

Facebook and GitHub test new account recovery option

January 31, 2017

Facebook and GitHub have partnered to provide GitHub users who employ two-factor authentication an easier way to recover access to their account in case they get locked out of …

8 million GitHub profiles scraped, data found leaking online

November 18, 2016

Technology recruitment site GeekedIn has scraped 8 million GitHub profiles and left the information exposed in an unsecured MongoDB database. The backup of the database was …

GitHub accounts compromised in wake of reused password attack

June 17, 2016

Three days ago, an unknown attacker has been spotted trying to break into a large number of GitHub accounts and has managed to access some of them, Shawn Davenport, Vice …

GitHub

Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations

WhiteSource now supports GitHub Packages

GitHub Security Lab aims to make open source software more secure

GitHub announces wider array of 2FA options, including security keys and biometrics

GitHub introduces Dependabot-powered automated security fixes

Attackers breached Docker Hub, grabbed keys and tokens

GitHub adds Python support for security alerts

AutoSploit: Automated mass exploitation of remote hosts using Shodan and Metasploit

GitHub starts alerting developers of security vulnerabilities in dependencies

Facebook and GitHub test new account recovery option

8 million GitHub profiles scraped, data found leaking online

GitHub accounts compromised in wake of reused password attack

Don't miss

Mitsubishi Electric discloses data breach, possible data leak

Data-driven vehicles: The next security challenge

Review: Enzoic for Active Directory

Techniques and strategies to overcome Kubernetes security challenges

A look at cybersecurity for rail systems, building automation and the future of critical infrastructure