Added 2023/03/2023-03-09-sba-communications.md

2023/03/2023-03-09-sba-communications.md

@@ -0,0 +1,65 @@
+Before disabling any content in relation to this takedown notice, GitHub
+- contacted the owners of some or all of the affected repositories to give them an opportunity to [make changes](https://docs.github.com/en/github/site-policy/dmca-takedown-policy#a-how-does-this-actually-work).
+- provided information on how to [submit a DMCA Counter Notice](https://docs.github.com/en/articles/guide-to-submitting-a-dmca-counter-notice).
+
+To learn about when and why GitHub may process some notices this way, please visit our [README](https://github.com/github/dmca/blob/master/README.md#anatomy-of-a-takedown-notice).
+
+---
+
+Dear Github Abuse Team,
+
+We act on behalf of our client, SBA Communications. It has come to our attention that a repository hosted by your account on Github may be infringing SBA Communications copyrights and violating your AUP. We request your cooperation to have the infringing repository removed.
+
+The infringer has copied and used copyrighted code without SBA Communications authorization, and it is using a private API key to access SBA Communications licensed software, creating harm to the business of our client.
+
+The infringing repository is at:  https://github.com/syntaxattacks/SBA-Scripts/
+
+The legitimate material is found at: https://sbasite.com/
+
+Evidence:
+
+https://github.com/syntaxattacks/SBA-Scripts/blob/master/Misc/AD%20User%20Export.ps1  
+This contains a command to export a CSV with our client's users private information located on one of our client's databases (Line 3)
+
+[private]  
+
+https://github.com/syntaxattacks/SBA-Scripts/blob/master/Misc/Get%20AD%20Auth%20Groups.ps1  
+Tis is privative and internal code made to get information about our client's users:  
+
+[private]  
+
+https://github.com/syntaxattacks/SBA-Scripts/tree/master/Oobe  
+This part contains several BitLocker passwords from SBA Communiactions employees.
+
+Data related to a security risk to you as an individual
+https://github.com/syntaxattacks/SBA-Scripts/blob/master/NewHire/LicensePurchase.ps1  
+A script to purchase Outlook licenses using one of our client's employees credentials:  
+
+[private]  
+
+https://github.com/syntaxattacks/SBA-Scripts/blob/master/Misc/startdiskwipe.txt  
+This scrip wipes all data from current disk. A common practice done by threat actors after penetrating into a system to avoid leaving traces.
+
+[private]  
+
+https://github.com/syntaxattacks/SBA-Scripts/blob/master/Drive%20Mapping/Connect%20I%20Drive.bat  
+This script connects to a drive on our client's network:  
+
+[private]  
+
+https://github.com/syntaxattacks/SBA-Scripts/tree/master/Drive%20Mapping  
+At this link the repo is mapping several SBA Communications' internal drives.  
+
+We own the copyright to the allegedly infringing content
+
+This Github repository of scripts contains sensitive information that was disclosed by a former disgruntled employee without authorization. Sensitive information includes Internal hidden shares, usernames, Server names, internal processes, encryption keys, and other details we wish to remain non-public., creating confusion for our client's customers, and therefore harm to the business of our client. Our client is not related to nor does it have any affiliation to the infringer and the infringing content was published on your servers without [private] permission.
+
+I have taken fair use into consideration.
+
+We are sending this notice under a good faith belief that use of the materials, described above as allegedly infringing, is not authorized by the copyright owner, its agent, or the law. We certify, under the penalty of perjury, that the information in this notice is correct. We have the authority to act on behalf of the person who owns the copyright in question.
+
+You may use the following contact information for any further correspondence:
+
+[private]  
+PhishFort, [private]  
+[private]