
API Credentials Exposed - Thousands Found on Public Sites

SC Media

Basically, thousands of private access codes were found online, risking security for many companies.

Quick Summary

A recent study uncovered thousands of API credentials exposed on public websites. Major corporations and government entities are affected, risking sensitive data. Immediate action is needed to secure these credentials.

What Happened

A recent analysis revealed a troubling security issue: nearly 2,000 API credentials were discovered exposed across 10,000 public webpages. This alarming finding was reported by The Register, based on a study conducted by researchers from Stanford University, UC Davis, and TU Delft. They utilized a tool called TruffleHog to scan 10 million websites, uncovering sensitive access tokens that could lead to significant security breaches.

Who's Affected

The exposed credentials belong to a variety of entities, including multinational corporations, critical infrastructure organizations, and government agencies. Notably, a global bank was found to have cloud credentials exposed directly on its website, potentially allowing unauthorized access to its core infrastructure.

What Data Was Exposed

The analysis identified 1,748 valid credentials for services like AWS, GitHub, and Stripe. These credentials serve as access tokens, granting programmatic access to essential services such as cloud platforms and payment providers. The majority of these exposures were located in JavaScript files, with AWS credentials making up over 16% of all verified exposures. This raises concerns about the potential for malicious actors to exploit these vulnerabilities.

What You Should Do

Organizations should immediately review their public-facing code and ensure that sensitive credentials are not exposed. Here are some steps to take:

  • Audit your code: Regularly scan for exposed API keys and credentials.
  • Use environment variables: Store sensitive information securely, away from public access.
  • Implement access controls: Limit permissions associated with API keys to minimize potential damage.
  • Monitor for breaches: Set up alerts for any unauthorized access attempts.
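To make the "audit your code" step concrete for the JavaScript files where most of these exposures were found, here is a small scanner for built front-end assets. It is an example added here, not code from the study or from TruffleHog; the regular expressions are the widely documented key prefixes for AWS, GitHub and Stripe, and the sample bundle and the names `scan_js` and `redact` are constructed for illustration.

```python
import re

# Widely documented key prefixes for the three providers named in the article.
# These patterns are assumptions of this example, not the researchers' rule set.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "github_token": re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36}\b"),
    # Only secret (sk_) and restricted (rk_) live keys; publishable pk_ keys
    # are designed to ship in client code and are deliberately not flagged.
    "stripe_secret_key": re.compile(r"\b[sr]k_live_[0-9A-Za-z]{24,}\b"),
}


def redact(value, keep=8):
    """Keep a short prefix so the audit report does not itself leak the secret."""
    return value[:keep] + "*" * (len(value) - keep)


def scan_js(name, text):
    """Return sorted (file, line, kind, redacted_value) findings for one JS asset."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for kind, rx in PATTERNS.items():
            for match in rx.finditer(line):
                findings.append((name, lineno, kind, redact(match.group(0))))
    return sorted(findings)


# Constructed sample bundle; every value below is fake.
SAMPLE_BUNDLE = "\n".join([
    'const cfg = {region: "us-east-1"};',
    'const awsKey = "AKIA' + "IOSFODNN7EXAMPLE" + '";',
    'const gh = "ghp_' + "a" * 36 + '";',
    'const stripePublic = "pk_live_' + "B" * 24 + '";',
    'const stripeSecret = "sk_live_' + "C" * 24 + '";',
])

if __name__ == "__main__":
    for finding in scan_js("app.bundle.js", SAMPLE_BUNDLE):
        print(*finding, sep="\t")
```

Run it against the files your build actually publishes rather than the source tree, since values injected at build time only appear in the output bundle. A pattern match shows only that a string has the right shape, so treat any hit as a key to revoke and rotate.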

Conclusion

The exposure of these API credentials highlights a critical vulnerability that often goes unnoticed compared to more traditional data breaches. Organizations must take proactive measures to protect their sensitive data and infrastructure from potential exploitation. As the digital landscape evolves, vigilance in securing API access will be paramount to safeguarding against future threats.

🔒 Pro insight: The prevalence of exposed API keys underscores the need for stricter security practices in web development and deployment.

