
      Know Your Breach: Heroku

      May 5, 2022 12:06:46 PM

      The Target: Heroku, a cloud platform as a service with support for several programming languages.

      The Take: Exposure of customer passwords, file storage, and internal source code.

      The Vector: The threat actor used previously exposed GitHub authorization tokens (general-use tokens that GitHub issues to third-party integration software firms so they can integrate with its platform) and exploited these to connect to Heroku’s internal systems, allowing the attackers to exfiltrate and download data from Heroku’s database of customer accounts.

      This breach is an important reminder of the danger of pivot attacks. While the stolen authorization tokens initially provided access only to the accounts of Heroku customers who made use of them, the attackers were able to pivot through these exposed accounts and reach Heroku’s internal systems. No matter at which level a breach takes place, it is critical to evaluate all possible avenues of attack and take appropriate precautions.


      About Castle Hall Diligence

      Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long-only portfolios.
