Lessons from the Mercedes-Benz GitHub source code leak | allinfosecnews.com

Feb. 1, 2024, 1 p.m. | Paul Roberts

Security Boulevard securityboulevard.com

The German automotive giant Mercedes-Benz found itself on the wrong end of a software supply chain incident after RedHunt Labs found a leaked GitHub token belonging to an employee of the carmaker that granted "'unrestricted’ and 'unmonitored'" access to the entirety of source code hosted on Mercedes’ internal GitHub Enterprise Server.

The post Lessons from the Mercedes-Benz GitHub source code leak appeared first on Security Boulevard.

access appsec & supply chain security automotive code code leak employee end enterprise found german giant github github enterprise server incident internal labs leak leaked mercedes-benz server software software supply chain source code source code leak supply supply chain supply chain incident token wrong

More from securityboulevard.com / Security Boulevard

USENIX Security ’23 – Silent Bugs Matter: A Study of Compiler-Introduced Security Bugs 13 hours ago | securityboulevard.com

access authors bing bugs +16

The Real Risk is Not Knowing Your Real Risk: Perspectives from Asia Pacific Tour with … 1 day, 2 hours ago | securityboulevard.com

asia asia pacific balbix customer +15

DD2345 Military Critical Technical Data Agreement and CMMC 1 day, 3 hours ago | securityboulevard.com

agreement business can cmmc +9

Airsoft Data Breach Exposes Data of 75,000 Players 1 day, 4 hours ago | securityboulevard.com

airsoft attack surface authentication breach +31

Get SOAR Savvy Before RSAC 2024: 5 Reads to Level Up Your SOC 1 day, 5 hours ago | securityboulevard.com

and response automation check d3 security +24

Cloud Monitor Automation Thwarts Phishing & Malware Emails 1 day, 6 hours ago | securityboulevard.com

automation chief cloud cybersecurity +27

MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’ 1 day, 8 hours ago | securityboulevard.com

computing conference eve francisco +19

Palo Alto Networks Extends SASE Reach to Unmanaged Devices 1 day, 8 hours ago | securityboulevard.com

alto devices devops devsecops +20

USENIX Security ’23 – Cryptographic Deniability: A Multi-perspective Study of User Perceptions and Expectations 1 day, 9 hours ago | securityboulevard.com

access authors channel conference +17

DevSecOps Engineer

@ Material Bank | Remote

View on infosec-jobs.com

Instrumentation & Control Engineer - Cyber Security

@ ASSYSTEM | Bridgwater, United Kingdom

View on infosec-jobs.com

Security Consultant

@ Tenable | MD - Columbia - Headquarters

View on infosec-jobs.com

Management Consultant - Cybersecurity - Internship

@ Wavestone | Hong Kong, Hong Kong

View on infosec-jobs.com

TRANSCOM IGC - Cybersecurity Engineer

@ IT Partners, Inc | St. Louis, Missouri, United States

View on infosec-jobs.com

Manager, Security Operations Engineering (EMEA)

@ GitLab | Remote, EMEA

View on infosec-jobs.com