One Article Review
| Source |  CSO |
|---|---|
| Identifiant | 8301964 |
| Date de publication | 2023-01-17 13:53:00 (vue: 2023-01-17 22:08:49) |
| Titre | How attackers might use GitHub Codespaces to hide malware delivery |
| Texte | Attackers could start abusing GitHub Codespaces, a new service that allows developers to create and test applications inside development containers running on GitHub's servers. Developers can make their applications accessible via public GitHub URLs for preview by others, a functionality that can be abused to distribute malware payloads in a stealthy way."If the application port is shared privately, browser cookies are used and required for authentication," researchers from security firm Trend Micro said in a new report. "However, if ports are shared with the public (that is, without authentication or authentication context), attackers can abuse this feature to host malicious content such as scripts and malware samples."To read this article in full, please click here |
| Envoyé | Oui |
| Condensat | abuse abused abusing accessible allows application applications are article attackers authentication browser can click codespaces containers content context cookies could create delivery developers development distribute feature firm from full functionality github here hide host how however inside make malicious malware micro might new others payloads please port ports preview privately public read report required researchers running said samples scripts security servers service shared start stealthy such test trend urls use used way without |
| Tags | Malware Prediction |
| Stories | |
| Notes | ★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.