Close Menu
AIToday7

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    What's Hot

    Anthropic found a hidden space where Claude puzzles over concepts

    July 12, 2026

    OpenAI says GPT 5.6 is the ‘preferred model’ for Microsoft Copilot 365 amid breakup chatter

    July 12, 2026

    AI companies want to water down Australia’s copyright laws. Artists are outraged, Labor is split

    July 12, 2026
    Facebook X (Twitter) Instagram
    Trending
    • Anthropic found a hidden space where Claude puzzles over concepts
    • OpenAI says GPT 5.6 is the ‘preferred model’ for Microsoft Copilot 365 amid breakup chatter
    • AI companies want to water down Australia’s copyright laws. Artists are outraged, Labor is split
    • SpaceX and AI startup wealth fuels demand for private jets
    • Apple faces rising costs as AI-driven memory shortage reshapes hardware markets
    • The 6 biggest cybersecurity breaches of 2026 so far
    • Forget typosquatting; slopsquatting is the software supply chain threat created by AI coding tools
    • Artificial Intelligence is Reshaping the US Financial Market; EX DeFi Launches AI
    Facebook X (Twitter) Instagram Pinterest Vimeo
    AIToday7
    • Home
    • AI News
    • Tech News
    • AI Guides
    • Chatbots
    • Cybersecurity
    • Gadgets
    • More
      • Generative AI
      • Startups
    AIToday7
    Home»Cybersecurity»CISA looks to remedy ailments from big May credential leak
    Cybersecurity

    CISA looks to remedy ailments from big May credential leak

    stamilhstgr0518@gmail.comBy stamilhstgr0518@gmail.comJuly 11, 2026No Comments3 Mins Read
    Share Facebook Twitter Pinterest LinkedIn Tumblr Reddit Telegram Email
    CISA looks to remedy ailments from big May credential leak
    Share
    Facebook Twitter LinkedIn Pinterest Email

    A major credential leak spurred the Cybersecurity and Infrastructure Security Agency to strengthen protections for its sensitive materials, improve how researchers can report agency vulnerabilities and develop plans for similar incidents, the agency said in a forensic report released Thursday.

    The blog post outlines CISA’s response to the leak that the researcher who discovered it in May called one of the worst he had ever seen, which also drew congressional scrutiny.

    “Sharing experiences from incident response activities help other organizations learn from such experiences and enables them to take necessary precautions to prevent similar incidents from happening in their environments,” wrote Preston Werntz, acting chief information officer and Brad Libbey, acting chief information security officer. “For years, CISA has said this type of information exchange is critical to identifying trends and contributing to broader national awareness. Now, it is our turn.”

    On May 15, after learning about a contractor’s leak of privileged Amazon AWS GovCloud Keys on a public GitHub repository, CISA said it took steps to halt further harm. That meant taking the repository and its developer environment offline, and revoking the access of the person responsible for the leak.

    CISA then analyzed the repository to get a sense of the scope of the leak. It also analyzed log files to learn that none of the leaked credentials were used outside of CISA, and that no customer or mission data was exposed.

    The response benefited from taking the reported incident seriously, having good logging capabilities and using zero-trust principles, the blog post states.

    But it also showed some things that needed to be fixed. 

    CISA resolved to use its endpoint detection and response capabilities to monitor and manage uploads to public repositories. It rotated all of its secrets after the incident, and came up with a plan to improve management of its secrets.

    It determined that it would make it easy to report vulnerabilities related to CISA itself. It’s better at receiving information about vulnerabilities that are less agency-specific, given its role as a hub of communication about cyber risks for the United States and world generally, the post noted.

    CISA also said it had to build a playbook for GitHub-related incidents mid-incident, and recognized the need to build playbooks for all kinds of incidents in advance.

    The person who uncovered the leak, GitGuardian security researcher Guillaume Valadon, applauded CISA’s evaluation of the incident. 

    “I think that it is really good. CISA managed to explain what happened, what worked well and what needs to be improved,” he told CyberScooponal cybersecurity agency is advocating for secrets scanning, and simplifying relations with researchers.”

    That’s something Valadon and his team have talked about for a while, and he said he was “proud to read that it is recognized by CISA.”

    ailments CISA from looks remedy
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Previous ArticleWhat Is Context Engineering (and Why It Is Replacing Prompt Engineering)
    Next Article 8 Cool Consumer Reports Approved Gadgets Under $50
    stamilhstgr0518@gmail.com
    • Website

    Related Posts

    Cybersecurity

    The 6 biggest cybersecurity breaches of 2026 so far

    July 12, 2026
    Cybersecurity

    Nearly 7 Million Driver’s License Numbers Were Exposed in Another Data Breach

    July 11, 2026
    Cybersecurity

    Ex-Chicago ransomware negotiator gets nearly 6 years in prison for aiding hackers

    July 11, 2026
    Add A Comment
    Leave A Reply Cancel Reply

    Top Posts

    Anthropic found a hidden space where Claude puzzles over concepts

    July 12, 20260 Views

    OpenAI says GPT 5.6 is the ‘preferred model’ for Microsoft Copilot 365 amid breakup chatter

    July 12, 20260 Views

    AI companies want to water down Australia’s copyright laws. Artists are outraged, Labor is split

    July 12, 20260 Views
    Stay In Touch
    • Facebook
    • YouTube
    • TikTok
    • WhatsApp
    • Twitter
    • Instagram
    Latest Reviews
    Chatbots

    OpenAI bets on families as ChatGPT goes deeper into households

    stamilhstgr0518@gmail.comJuly 11, 2026
    Generative AI

    MUSIC COMMUNITY INTRODUCES NEW LABELING PROGRAM TO DISTINGUISH GENERATIVE AI IN SOUND RECORDINGS

    stamilhstgr0518@gmail.comJuly 11, 2026
    AI News

    Safe from AI: which jobs will help you thrive in the future?

    stamilhstgr0518@gmail.comJuly 11, 2026

    Subscribe to Updates

    Get the latest tech news from FooBar about tech, design and biz.

    Most Popular

    Anthropic found a hidden space where Claude puzzles over concepts

    July 12, 20260 Views

    OpenAI says GPT 5.6 is the ‘preferred model’ for Microsoft Copilot 365 amid breakup chatter

    July 12, 20260 Views

    AI companies want to water down Australia’s copyright laws. Artists are outraged, Labor is split

    July 12, 20260 Views
    Our Picks

    OpenAI bets on families as ChatGPT goes deeper into households

    July 11, 2026

    MUSIC COMMUNITY INTRODUCES NEW LABELING PROGRAM TO DISTINGUISH GENERATIVE AI IN SOUND RECORDINGS

    July 11, 2026

    Safe from AI: which jobs will help you thrive in the future?

    July 11, 2026

    Subscribe to Updates

    Get the latest creative news from FooBar about art, design and business.

    Facebook X (Twitter) Instagram Pinterest
    • About Us
    • Get In Touch
    • Disclaimer
    • Privacy Policy
    • Terms and Conditions
    © 2026 AIToday7. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.