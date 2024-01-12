en English
af Afrikaanssq Albanianam Amharicar Arabichy Armenianaz Azerbaijanieu Basquebe Belarusianbn Bengalibs Bosnianbg Bulgarianca Catalanceb Cebuanony Chichewazh-CN Chinese (Simplified)zh-TW Chinese (Traditional)co Corsicanhr Croatiancs Czechda Danishnl Dutchen Englisheo Esperantoet Estoniantl Filipinofi Finnishfr Frenchfy Frisiangl Galicianka Georgiande Germanel Greekgu Gujaratiht Haitian Creoleha Hausahaw Hawaiianiw Hebrewhi Hindihmn Hmonghu Hungarianis Icelandicig Igboid Indonesianga Irishit Italianja Japanesejw Javanesekn Kannadakk Kazakhkm Khmerko Koreanku Kurdish (Kurmanji)ky Kyrgyzlo Laola Latinlv Latvianlt Lithuanianlb Luxembourgishmk Macedonianmg Malagasyms Malayml Malayalammt Maltesemi Maorimr Marathimn Mongolianmy Myanmar (Burmese)ne Nepalino Norwegianps Pashtofa Persianpl Polishpt Portuguesepa Punjabiro Romanianru Russiansm Samoangd Scottish Gaelicsr Serbianst Sesothosn Shonasd Sindhisi Sinhalask Slovaksl Slovenianso Somalies Spanishsu Sundanesesw Swahilisv Swedishtg Tajikta Tamilte Teluguth Thaitr Turkishuk Ukrainianur Urduuz Uzbekvi Vietnamesecy Welshxh Xhosayi Yiddishyo Yorubazu Zulu
cloud
Sign in
cloud
search
Cybersecurity

Cybercriminals Exploit GitHub to Conceal Malicious Traffic: A Detailed Report

author
By: Muhammad Jawad
Published: January 12, 2024 at 10:58 am EST
Cybercriminals Exploit GitHub to Conceal Malicious Traffic: A Detailed Report

In a world where technology is advancing at an unprecedented rate, cybercriminals are finding new and sophisticated ways to exploit the very platforms that were designed for innovation and progress. GitHub, a renowned global code-hosting platform, is the latest victim of such exploits. Cybersecurity firm Recorded Future has detailed an unnerving trend: cybercriminals are increasingly using GitHub to blend malicious activities with legitimate traffic, making detection a formidable challenge.

Living-off-Trusted-Sites: A New Cyber Threat

The technique being employed by these cyber adversaries is known as ‘living-off-trusted-sites’ (LOTS). This strategy involves the deployment of malicious payloads within normal network traffic. By doing so, the nefarious activities of the criminals are effectively hidden amidst the regular flow of data, thereby making it difficult for cybersecurity systems to detect and neutralize them.

GitHub: A Platform for Malicious Activities

According to the report by Recorded Future, GitHub is being utilized for three primary purposes: payload delivery, dead drop resolving (DDR), and command-and-control (C2) communications. DDR is a strategy in which legitimate services like GitHub are exploited to store information about malicious domains. These domains, in turn, lead users to infrastructure controlled by the attackers. Similarly, C2 networks are disguised to appear as regular GitHub traffic, thus efficiently evading detection.

Advanced Persistent Threats and the Future of Cybersecurity

The report issues a stark warning: Advanced Persistent Threats (APTs), notorious for their stealthy and continuous hacking processes, are adopting the LOTS technique. The implication is clear – less sophisticated groups will likely follow suit. This surge in such attacks indicates that legitimate internet services (LIS) will become a significant risk vector.

Addressing the issue of GitHub abuse will likely require advanced detection techniques, better visibility, and varied detection angles. The report suggests that the onus for detecting GitHub abuse might shift towards LIS providers who have better oversight over service usage. This marks a potentially transformative shift in the cybersecurity landscape, highlighting the urgent need for more robust defense mechanisms against increasingly sophisticated cyber threats.

0
Cybersecurity
author

Muhammad Jawad

Hailing from a rich journalistic background, Muhammad Jawad has sharpened his reporting acumen with esteemed networks such as HUM News, GNN News, GTV News, Roze News, Din News, Afghanistan International, and Urdu Point. With over half a decade of intensive experience, Jawad's repertoire spans across political discourses, societal narratives, and pivotal current events. Notably agile under pressure, he consistently delivers under tight timelines, with a flair for investigative journalism and data-backed storytelling. Jawad's exemplary communication prowess has facilitated robust connections with diverse sources, fostering trust amongst peers and resonating with viewers. In our newsroom, he stands as a beacon of dedication, consistently channeling his fervor for journalism to craft stories that resonate and inform.

Comments

There are no comments yet.
Log in to comment

Cybersecurity

See more
34 mins ago
Major Cybersecurity Conference to Boost Philippines' Digital Security
On January 16-17, 2024, Makati City will play host to a significant cybersecurity conference titled ‘Fortifying Cyber Cooperation Towards Digital Security’. The event is a collaboration between the Stratbase Institute, an international think-tank, and the Embassy of Canada in the Philippines. The conference aims to bring together top government officials, cyber experts, and stakeholders from
Major Cybersecurity Conference to Boost Philippines' Digital Security
Mother's Crusade for Justice Against Serial Bully Spotlights Cyberbullying Crisis
5 hours ago
Mother's Crusade for Justice Against Serial Bully Spotlights Cyberbullying Crisis
Bitwarden Unveils Revolutionary Passkey Login Beta for Enhanced Security
5 hours ago
Bitwarden Unveils Revolutionary Passkey Login Beta for Enhanced Security
The Critical Role of Identity Access Governance in Enhancing Security and Compliance
1 hour ago
The Critical Role of Identity Access Governance in Enhancing Security and Compliance
Azerbaijan Establishes Working Group to Bolster Cyber Security
3 hours ago
Azerbaijan Establishes Working Group to Bolster Cyber Security
UK Law Firms Under Siege: Insider Data Breaches Affect 4.2 Million
5 hours ago
UK Law Firms Under Siege: Insider Data Breaches Affect 4.2 Million
Latest Headlines
World News
Jackson Sellars: The Inspiring Journey of Page's HAECO Hero
58 seconds
Jackson Sellars: The Inspiring Journey of Page's HAECO Hero
SKSSF Vice President Sathar Panthaloor's Remarks Stir Controversy Amidst Internal Tensions
2 mins
SKSSF Vice President Sathar Panthaloor's Remarks Stir Controversy Amidst Internal Tensions
Russia Decries U.S. Plan to Seize Frozen Assets as '21st Century Piracy'
2 mins
Russia Decries U.S. Plan to Seize Frozen Assets as '21st Century Piracy'
Privileges Committee Recommends Revoking Suspension of Three Congress Members
3 mins
Privileges Committee Recommends Revoking Suspension of Three Congress Members
The Unseen Health Threats of Neglected Dental Hygiene
3 mins
The Unseen Health Threats of Neglected Dental Hygiene
Iowa Caucuses 2024: A Republican Showdown and a Democratic Quiet
4 mins
Iowa Caucuses 2024: A Republican Showdown and a Democratic Quiet
Raven Addresses Online Toxicity, Urges Support for Blacklist Rivalry Amidst Competitive Struggles
4 mins
Raven Addresses Online Toxicity, Urges Support for Blacklist Rivalry Amidst Competitive Struggles
End of an Era: Legendary Coaches Bill Belichick and Nick Saban Retire
4 mins
End of an Era: Legendary Coaches Bill Belichick and Nick Saban Retire
Arthralgia, Not Hot Flushes, is Most Common Menopausal Symptom, Singapore Study Reveals
6 mins
Arthralgia, Not Hot Flushes, is Most Common Menopausal Symptom, Singapore Study Reveals
Seven Confirmed Cases of Mpox in Auckland Raise Concerns
2 hours
Seven Confirmed Cases of Mpox in Auckland Raise Concerns
Temporary Closure of Isambard Brunel Road: What You Need to Know
4 hours
Temporary Closure of Isambard Brunel Road: What You Need to Know
2024 Food Forecast: Navigating the Ups and Downs in the Global Food Market
4 hours
2024 Food Forecast: Navigating the Ups and Downs in the Global Food Market
South Africa Accuses Israel of Genocide in Case Before International Court of Justice
5 hours
South Africa Accuses Israel of Genocide in Case Before International Court of Justice
Belle Meade PD Leverages Tech to Transform Crime-Fighting
5 hours
Belle Meade PD Leverages Tech to Transform Crime-Fighting
Chicago Suburb Braces for Major Winter Storm: Schaumburg Readies for 10-Inch Snowfall
5 hours
Chicago Suburb Braces for Major Winter Storm: Schaumburg Readies for 10-Inch Snowfall
Father of Missing Haleigh Cummings Battles New Charges
5 hours
Father of Missing Haleigh Cummings Battles New Charges
California's Bold Green Mandate: All New Trucks to be Zero-Emission by 2036
5 hours
California's Bold Green Mandate: All New Trucks to be Zero-Emission by 2036
Mercedes-Benz EQG Unveils Spectacular 'Tank Turn' Capability at CES
6 hours
Mercedes-Benz EQG Unveils Spectacular 'Tank Turn' Capability at CES

Stay connected!

    © 2023 BNN
    Privacy Policy
    Terms of Service
    Help
    © 2023 BNN
    bnn wechat
    BNN

    BNN Breaking

    Magazines & Newspapers

    Free - In Google Play

    Install Open in app