CISA Admin Leaked AWS GovCloud Keys on GitHub

Posted by LelouBil 21 hours ago

CISA Admin Leaked AWS GovCloud Keys on GitHub(krebsonsecurity.com)

421 points | 170 commentspage 2

dcrazy 12 hours ago|

What makes this truly sad is that the federal government has had smartcard-based authentication (CAC) for decades. Yet because the public internet stack runs on passwords, so too does government infrastructure.

cestith 10 hours ago||

It looks like CISA should employ a CISA.

https://www.cisa.gov/

https://www.isaca.org/credentialing/cisa

wnevets 13 hours ago||

> but this administration clearly had no idea what they were getting themselves into and did not plan accordingly.

chrismarlow9 11 hours ago||

Sounds about right. Security is a joke everywhere right now. First to market is all that matters anymore and security is the very first thing to be thrown out when it stands in the way.

bflesch 10 hours ago|

Can we blame people who realize that everything is tracked and backdoored anyways, and 99% of threat actors are basically untouchable?

Both my own aristocrat/intelligence class and the opposing bloc are fleecing us at the same time. Why even bother if you are not in the club but seen as an extractable resource?

At this point the counterparty is a combination of intelligence/mafia/aristocracy, with diplomatic immunity and license to kill.

(it's tongue in cheek, I actually do bother about this topic)

bilekas 12 hours ago||

I would be fired for this. Probably not able to ask for a refenerce and forever be the butt of a joke between friends and colleagues.

Seems like no big deal for CISA. Defunded really paying off now.

snihalani 12 hours ago||

Do they not believe in encrypted files?

passive 11 hours ago||

Uh, so it says this dates from Nov 2025.

Nov 2025 was also when most of us learned about the acting Chief Security Officer at DHS, whose name AND photo seem exactly like the calling card of someone who had these "keys to the kingdom". https://bsky.app/profile/andylevy.net/post/3m6ivhnthts2o

I want to believe...

EdwardDiego 10 hours ago|

I wanna be whoring? Come on, no way that's real.

Also, she looks like she was generated in the character creator from Oblivion.

tedggh 11 hours ago|

This seems like an act of sabotage disguised as incompetence.

More comments...