GitHub updated its policy to end the hosting of exploit code and malware on its platform


07-Jun-2021
5 min read

GitHub has officially rolled out a series of changes to its platform policies governing the malicious code and exploit scripts hosted on the platform, together with several related announcements.

"We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits," the Microsoft-owned company said. "We understand that many security research projects on GitHub are dual-use and broadly beneficial to the security community. We assume positive intention and use of these projects to promote and drive improvements across the ecosystem."

The company stated that it will no longer allow anyone to use GitHub in direct support of unlawful attacks or malware campaigns that cause technical harm, and that it may take steps to disrupt ongoing attacks that use the platform as an exploit or malware content delivery network (CDN). To this end, users must not upload, post, host, or transmit any content that could be used to deliver malicious executables or to abuse GitHub as attack infrastructure, for example by organizing denial-of-service (DoS) attacks or running command-and-control (C2) servers.

"Technical harms means overconsumption of resources, physical damage, downtime, denial of service, or data loss, with no implicit or explicit dual-use purpose before the abuse occurs," GitHub said.

  • We explicitly permit dual-use security technologies and content related to research into vulnerabilities, malware, and exploits. We understand that many security research projects on GitHub are dual-use and broadly beneficial to the security community. We assume positive intention and use of these projects to promote and drive improvements across the ecosystem. This change modifies previously broad language that could be misinterpreted as hostile toward projects with dual-use, clarifying that such projects are welcome.
  • We have clarified how and when we may disrupt ongoing attacks leveraging the GitHub platform as an exploit or malware content delivery network (CDN). We do not allow the use of GitHub in direct support of unlawful attacks that cause technical harm, which we've further defined as overconsumption of resources, physical damage, downtime, denial of service, or data loss.
  • We made clear that we have appeals and reinstatement processes in this policy. We allow our users to appeal decisions to restrict their content or account access. This is especially important in the security research context, so we've very clearly and directly called out the ability for affected users to appeal action taken against their content.
  • We've suggested a means by which parties may resolve disputes before escalating and reporting abuse to GitHub. This appears in the form of a recommendation to leverage an optional SECURITY.md file for the project to provide contact information to resolve abuse reports. This encourages members of our community to resolve conflicts directly with project maintainers without requiring formal GitHub abuse reports.

Where misuse of dual-use content is widespread, GitHub said it may restrict access to that content by placing it behind authentication barriers, and, as a "last resort", may disable access to it or remove it entirely. GitHub also said that, where possible, it will contact project owners about any controls it puts in place. The changes follow the company's move in late April to solicit feedback on its policies around security research, malware, and exploits, with the stated goal of operating under clearer terms that remove the ambiguity around "actively harmful content" and "at-rest code" hosted in support of security research.

By committing not to take down exploits unless the repository or code in question is directly incorporated into an active campaign, the policy revision also responds to the widespread criticism GitHub drew in March 2021 when it removed a proof-of-concept (PoC) exploit from the platform. That code, uploaded by a security researcher, targeted the set of Microsoft Exchange Server flaws known as ProxyLogon, which Microsoft had disclosed were being abused by Chinese state-sponsored hacking groups to breach Exchange servers worldwide. GitHub said at the time that it removed the PoC in line with its acceptable use policies, noting that it contained code "for a recently disclosed vulnerability that is being actively exploited."