1. Forum
  2. tqw
  3. TQW GENTECH

  • Cisco takes its developer hub offline following data theft

    From TechnologyDaily@1337:1/100 to All on Monday, October 21, 2024 16:30:05
    Cisco takes its developer hub offline following data theft

    Date:
    Mon, 21 Oct 2024 15:18:00 +0000

    Description:
    Cisco stands by its assessment that there was no breach, despite contrary evidence.

    FULL STORY ======================================================================

    Cisco has taken its DevHub website offline following a cyberattack and a data leak incident. It also played down the value of the breach and said it shut down the site out of an abundance of caution.

    Recently, a known data leaker, alias IntelBroker, posted a new thread on the infamous BreachForums, offering Cisco data for sale.

    In the thread, the hacker credited EnergyWeaponUser and zjj for the breach, and stated that the archive includes Github projects, Gitlab projects, SonarQube projects, source code, hardcoded credentials, certificates,
    customer SRCs, confidential documents, Jira tickets, API tokens, AWS private buckets, Cisco Technology SRCs, Docker builds, Azure Storage buckets, private & public keys, SSL certificates, and more. Exposed API token

    Cisco responded by saying it was investigating the breach, and has now come forward with additional information.

    Based on our investigations, we are confident that there has been no breach
    of our systems, Cisco said. We have determined that the data in question is
    on a public-facing DevHub environmenta Cisco resource center that enables us to support our community by making available software code, scripts, etc. for customers to use as needed. We have determined that a small number of files that were not authorized for public download may have been published.

    The announcement also states there is no evidence of personally identifiable information (PII) or financial data being exposed this way, but Cisco is continuing its investigation.

    Out of an abundance of caution, we have disabled public access to the site while we continue the investigation.

    But IntelBroker disagrees that there was no breach. Speaking to BleepingComputer, they said they gained access to a Cisco third-party developer environment through an exposed API token. They also told the publication that they had access to Ciscos developer environment, and even shared screenshots as proof.

    While Cisco continues to say that no systems were breached, everything we
    have seen does indicate that a third-party development was breached, allowing the threat actor to steal data, the publication concluded.

    Via BleepingComputer More from TechRadar Pro Cisco investigates breach after data put up for sale on BreachForums Here's a list of the best firewalls
    today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cisco-takes-its-developer-hub-offline-f ollowing-data-theft


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)