Stop Putting Your Passwords into Random Websites (Yes, Seriously, You Are the PR

Summary

Welcome to watchTowr vs the Internet, part 68.That feeling you’re experiencing? Dread. You should be used to it by now.As is fast becoming an unofficial and, apparently, frowned upon tradition - we identified incredible amounts of publicly exposed passwords, secrets, keys and more for very sensitive environments - and then spent a number of months working out if we could travel back in time to a period in which we just hadn't.Remember, kids - a problem shared is a problem that isn't just your problem anymore. It's the Shared Responsibility model(tm).*85% our fault :-) xoYou might remember some of our previous Internet-wide disasters - but if not, here’s a refresher:We wouldn't blame you for being slightly hopeful after reading our previous monologues into the void and thinking: "Wow, hopefully watchTowr learned something from those experiences - like, stop going on stupid adventures."Unfortunately, while we symapthise - you would be wrong and, in fact, we continue to prove that we have learnt nothing. Truly nothing.So today, armed once again with the aftermath of several highly questionable decisions and our continued inability to properly assess risk, we’re dragging you on another journey with us.While conference halls continue to insist that AI threats, and of course AI solutions, have put the world on the brink of implosion - “Jimmy” over at MSSP-123 (our favourite MSSP) continues to post their Active Directory credentials for a bank on a public website, possibly on their first day (we can’t knock the bravery).Exposing secrets in truly impressive ways to absolutely everyone is not a new phenomenon in cyber, we’ve all seen this before (and, naturally, we have all learnt nothing!). For those that aren't yet jaded, the phenomenon we allude to includes (but is by no means limited to):GitHub repositories,Postman workspaces,DockerHub containersFollowing this chain of thought, we wondered: how will 2 (maybe 3) teenagers, between homework, outsmart this multi-billion-dol...