GitHub: Amusing Security Management
April 8, 2021
I got a kick out of “GitHub Investigating Crypto-Mining Campaign Abusing Its Server Infrastructure.” I am not sure if the write up is spot on, but it is entertaining to think about Microsoft’s security systems struggling to identify an unwanted service running in GitHub. The write up asserts:
Code-hosting service GitHub is actively investigating a series of attacks against its cloud infrastructure that allowed cybercriminals to implant and abuse the company’s servers for illicit crypto-mining operations…
In the wake of the SolarWinds’ and Exchange Server “missteps,” Microsoft has been making noises about the tough time it has dealing with bad actors. I think one MSFT big dog said there were 1,000 hackers attacking the company.
The main idea is that attackers allegedly mine cryptocurrency on GitHub’s own servers.
This is post SolarWinds and Exchange Server “missteps”, right?
What’s the problem with cyber security systems that monitoring real time threats and uncertified processes?
Oh, I forgot. These aggressively marketed cyber systems still don’t work it seems.
Stephen E Arnold, April 8, 2021