Tag: GitHub for Malicious Purposes

Threat Actors Increasingly Abusing GitHub for Malicious Purposes
News

Threat Actors Increasingly Abusing GitHub for Malicious Purposes

Because GitHub is so widely used in IT environments, threat actors find it to be a profitable place to host and distribute malicious payloads as well as a useful tool for command and control, data exfiltration, and dead drop resolution. "Using GitHub services for malicious infrastructure allows adversaries to blend in with legitimate network traffic, often bypassing traditional security defenses and making upstream infrastructure tracking and actor attribution more difficult," Recorded Future stated in a report provided to Hacker News website. The cybersecurity company called the strategy "living-off-trusted-sites" (LOTS), a variation on the "living-off-the-land" (LotL) tactics that threat actors frequently use to hide rogue activities read more Threat Actors Increasingly Abusing Gi...