1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • CircleCI tells users to move their secrets following security ale

    From TechnologyDaily@1337:1/100 to All on Thu Jan 5 15:00:03 2023
    CircleCI tells users to move their secrets following security alert

    Date:
    Thu, 05 Jan 2023 14:55:59 +0000

    Description:
    The company is keeping silent on the details, but seems to have suffered a breach over the holidays.

    FULL STORY ======================================================================

    Continuous integration and delivery service providers CircleCi is suspecting foul play in its systems and is urging its users to take action and protect their accounts while it investigates the matter further.

    In a post on its company blog, CircleCi asked its customers to immediately rotate any and all secrets stored in its systems. These may be stored in project environment variables or in contexts.

    Furthermore, CircleCi recommends its customers review internal logs for their systems, and look for any unauthorized access starting from December 21, 2022 through January 4, 2023, or until the moment all secrets had been rotated. Finally, CircleCI said it invalidated all Project API tokens, forcing users
    to replace them. Further information on how that can be done can be found on this link . An apology and no explanation

    We apologize for any disruption to your work, the post notes. We take the security of our systems and our customers systems extremely seriously. While we are actively investigating this incident, we are committed to sharing more details with customers in the coming days.

    The company did not disclose any additional details about the security incident its currently investigating, so we dont know if any malware or viruses were deployed on its endpoints .

    "At this point, we are confident that there are no unauthorized actors active in our systems; however, out of an abundance of caution, we want to ensure that all customers take certain preventative measures to protect your data as well, the post reads. Read more

    GitHub accounts are being stolen by fake CircleCI accounts


    JavaScript is no longer the favorite programming language for developers


    Check out the best ID theft protection services right now

    While details are scarce, BleepingComputer found a report by security
    engineer Daniel Hckmann, who said he spotted one of the IP addresses associated with the attack (54.145.167.181). According to the publication, this is the type of information that can help incident response teams during their investigations.

    Search cloudtrail logs for events from this IP, he said. I expect there are other indicators, but this one is high fidelity. These are the best firewalls at the moment



    ======================================================================
    Link to news story: https://www.techradar.com/news/circleci-tells-users-to-move-their-secrets-foll owing-security-alert


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)