Merge pull request #13065 from github/updates
Added 2023/03/2023-03-09-sba-communications.md
Showing 1 changed file with 65 additions and 0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
Before disabling any content in relation to this takedown notice, GitHub | ||
- contacted the owners of some or all of the affected repositories to give them an opportunity to [make changes](https://docs.github.com/en/github/site-policy/dmca-takedown-policy#a-how-does-this-actually-work). | ||
- provided information on how to [submit a DMCA Counter Notice](https://docs.github.com/en/articles/guide-to-submitting-a-dmca-counter-notice). | ||
|
||
To learn about when and why GitHub may process some notices this way, please visit our [README](https://github.com/github/dmca/blob/master/README.md#anatomy-of-a-takedown-notice). | ||
|
||
--- | ||
|
||
Dear Github Abuse Team, | ||
|
||
We act on behalf of our client, SBA Communications. It has come to our attention that a repository hosted by your account on Github may be infringing SBA Communications copyrights and violating your AUP. We request your cooperation to have the infringing repository removed. | ||
|
||
The infringer has copied and used copyrighted code without SBA Communications authorization, and it is using a private API key to access SBA Communications licensed software, creating harm to the business of our client. | ||
|
||
The infringing repository is at: https://github.com/syntaxattacks/SBA-Scripts/ | ||
|
||
The legitimate material is found at: https://sbasite.com/ | ||
|
||
Evidence: | ||
|
||
https://github.com/syntaxattacks/SBA-Scripts/blob/master/Misc/AD%20User%20Export.ps1 | ||
This contains a command to export a CSV with our client's users private information located on one of our client's databases (Line 3) | ||
|
||
[private] | ||
|
||
https://github.com/syntaxattacks/SBA-Scripts/blob/master/Misc/Get%20AD%20Auth%20Groups.ps1 | ||
Tis is privative and internal code made to get information about our client's users: | ||
|
||
[private] | ||
|
||
https://github.com/syntaxattacks/SBA-Scripts/tree/master/Oobe | ||
This part contains several BitLocker passwords from SBA Communiactions employees. | ||
|
||
Data related to a security risk to you as an individual | ||
https://github.com/syntaxattacks/SBA-Scripts/blob/master/NewHire/LicensePurchase.ps1 | ||
A script to purchase Outlook licenses using one of our client's employees credentials: | ||
|
||
[private] | ||
|
||
https://github.com/syntaxattacks/SBA-Scripts/blob/master/Misc/startdiskwipe.txt | ||
This scrip wipes all data from current disk. A common practice done by threat actors after penetrating into a system to avoid leaving traces. | ||
|
||
[private] | ||
|
||
https://github.com/syntaxattacks/SBA-Scripts/blob/master/Drive%20Mapping/Connect%20I%20Drive.bat | ||
This script connects to a drive on our client's network: | ||
|
||
[private] | ||
|
||
https://github.com/syntaxattacks/SBA-Scripts/tree/master/Drive%20Mapping | ||
At this link the repo is mapping several SBA Communications' internal drives. | ||
|
||
We own the copyright to the allegedly infringing content | ||
|
||
This Github repository of scripts contains sensitive information that was disclosed by a former disgruntled employee without authorization. Sensitive information includes Internal hidden shares, usernames, Server names, internal processes, encryption keys, and other details we wish to remain non-public., creating confusion for our client's customers, and therefore harm to the business of our client. Our client is not related to nor does it have any affiliation to the infringer and the infringing content was published on your servers without [private] permission. | ||
|
||
I have taken fair use into consideration. | ||
|
||
We are sending this notice under a good faith belief that use of the materials, described above as allegedly infringing, is not authorized by the copyright owner, its agent, or the law. We certify, under the penalty of perjury, that the information in this notice is correct. We have the authority to act on behalf of the person who owns the copyright in question. | ||
|
||
You may use the following contact information for any further correspondence: | ||
|
||
[private] | ||
PhishFort, [private] | ||
[private] |
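Review bot: the line "Data related to a security risk to you as an individual" (directly after the Oobe entry) is not separated by a blank line from the LicensePurchase.ps1 URL that follows, while every other evidence URL in the file is preceded by one, so it renders as the opening line of that item. Add a blank line after it, or check it against the notice as submitted to confirm which entry it belongs to. In the paragraph beginning "This Github repository of scripts", the ".," before "creating confusion" looks like two form answers joined together; if that is how the notice was received, leave it, otherwise restore the break between them.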