Our selection of the best articles, code, and projects we found this past month.

Toyota Hacked - Leaked Credentials

Toyota's official connectivity app allows owners to link their smartphone with the vehicle’s infotainment system. Toyota recently discovered that a portion of the T-Connect site source code had been mistakenly published on GitHub and contained an access key. This made it possible for an unauthorized third party to access the details of 296,019 customers.

GitHub Actions are being abused to run mining operations

The Sysdig Threat Research Team (Sysdig TRT) recently uncovered an extensive and sophisticated active cryptomining operation in which a threat actor is using some of the largest cloud and continuous integration and deployment (CI/CD) service providers. The activity observed is known as “freejacking,” which is the abuse of compute allocated for free trial accounts on SaaS platforms.

High-level overview of PURPLEURCHIN operation / Credit: sysdig.com

List of Common Passwords Accounts for Nearly All Cyberattacks

Vulnerability management firm Rapid7 recorded every attempt to compromise their honeypot servers over a 12-month period, finding that the attempted credential attacks resulted in 512,000 permutations. Almost all of those passwords (99.997%) are included in a common password list - the RockYou2021 file. It seems like attackers are just taking the easy road.