Tag Archive for: leads

Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident


Jan 14, 2023 | Ravie Lakshmanan | DevOps / Data Security

DevOps platform CircleCI on Friday disclosed that unidentified threat actors compromised an employee’s laptop and leveraged malware to steal their two-factor authentication-backed credentials to breach the company’s systems and data last month.

The CI/CD service CircleCI said the “sophisticated attack” took place on December 16, 2022, and that the malware went undetected by its antivirus software.

“The malware was able to execute session cookie theft, enabling them to impersonate the targeted employee in a remote location and then escalate access to a subset of our production systems,” Rob Zuber, CircleCI’s chief technology officer, said in an incident report.

Further analysis of the security lapse revealed that the unauthorized third party pilfered data from a subset of its databases by abusing the elevated permissions granted to the targeted employee. This included customer environment variables, tokens, and keys.

The threat actor is believed to have engaged in reconnaissance activity on December 19, 2022, following it up by carrying out the data exfiltration step on December 22, 2022.

“Though all the data exfiltrated was encrypted at rest, the third-party extracted encryption keys from a running process, enabling them to potentially access the encrypted data,” Zuber said.

The development comes a little over a week after CircleCI urged its customers to rotate all their secrets, which it said was necessitated after it was alerted to “suspicious GitHub OAuth activity” by one of its customers on December 29, 2022.

Upon learning that the customer’s OAuth token had been compromised, it proactively took the step of rotating all GitHub OAuth tokens, the company stated, adding it worked with Atlassian to rotate all Bitbucket tokens, revoked Project API Tokens and Personal API Tokens, and notified customers of potentially affected AWS tokens.

Besides limiting access to production environments, CircleCI said it has incorporated more authentication guardrails to prevent illegitimate access even if the credentials are stolen.

It further plans to initiate periodic automatic OAuth token rotation for all customers to deter such…


CrowdStrike Racing Extends Championship Leads at The Glen





27.07.2022
· Four victories in six SRO America races for CrowdStrike Racing program

· George Kurtz, Colin Braun score overall win, runner-up in GT World Challenge America

· Two race wins and pole positions for Kurtz in GT America

· Boehm takes fifth TC win and runner-up in CrowdStrike/AWS HPD Civic

· CrowdStrike also active as Official Cloud and Internet Security Provider of SRO

 

CrowdStrike Racing put on another motorsports clinic in SRO Motorsports America competition with four victories in six races at Watkins Glen International.
 

Drivers George Kurtz, Colin Braun and Kevin Boehm each claimed at least one victory during the two days at The Glen. The results also cemented CrowdStrike Racing teams and drivers into the leads of their respective championships.
 

Kurtz, CrowdStrike co-founder and CEO, scored three victories on the weekend: an overall win Sunday alongside Braun in GT World Challenge America Powered by AWS, and a pair of pole positions and wins in GT America Powered by AWS. Each win came in separate but familiar No. 04 CrowdStrike/AWS Mercedes-AMG GT3s.
 

Kevin Boehm also found success with a win and runner-up finish with his No. 9 CrowdStrike/AWS Honda Performance Development Type R TC in the TC America Powered by Skip Barber Racing School.
 

Just as CrowdStrike Racing was winning on the track, CrowdStrike protected sensitive operational data as the Official Cloud and Internet Security Provider of SRO Motorsports.
 

CrowdStrike is on the front line of protecting data and preventing security breaches, while also being on the starting line in many of SRO America’s racing categories – including the premier GT World Challenge America. The company’s powerful Falcon graphic is the dominant feature on all CrowdStrike Racing entries in SRO America competition.
 

The Falcon was proudly flying around The Glen all weekend. The culmination came Sunday in the 90-minute GT World Challenge America race for CrowdStrike Racing by Riley Motorsports. Kurtz and…


Scientific advance leads to a new tool in the fight against hackers


Using the laws of quantum physics, the researchers developed a new security protocol that uses a person’s geographical location to guarantee that they are communicating with the right person. Position-based quantum encryption, as it is called, can be used to ensure that a person is speaking with an actual bank representative when the bank calls and asks a customer to make changes to their account. This is an artistic representation of the security protocol. Credit: Alex Bols, University of Copenhagen, The Quantum for Life Centre.

A new form of security identification could soon see the light of day and help us protect our data from hackers and cybercriminals. Quantum mathematicians at the University of Copenhagen have solved a mathematical riddle that allows for a person’s geographical location to be used as a personal ID that is secure against even the most advanced cyber attacks.

People have used codes and encryption to protect information from falling into the wrong hands for thousands of years. Today, encryption is widely used to protect our digital activity from hackers and cybercriminals who assume false identities and exploit the internet and our increasing number of digital devices to steal from us.

As such, there is an ever-growing need for new security measures to detect hackers posing as our banks or other trusted institutions. Within this realm, researchers from the University of Copenhagen’s Department of Mathematical Sciences have just made a giant leap.

“There is a constant battle in cryptography between those who want to protect information and those seeking to crack it. New security keys are being developed and later broken and so the cycle continues. Until, that is, a completely different type of key has been found,” says Professor Matthias Christandl.

For nearly twenty years, researchers around the world have been trying to solve the riddle of how to securely determine a person’s geographical location and use it as a secure ID. Until now, this had not been possible by way of…


GlobalData: Brian Krebs leads GlobalData list of top 10 Twitter influencers on cybersecurity in Q1 2022


Despite the impressive growth of the global security industry, there has been a noticeable spike in cyberattacks on businesses and government agencies in the recent past. Now the prevailing geopolitical tensions are further threatening to disrupt and undermine industries and spread well beyond national borders. Against this backdrop, Brian Krebs, Reporter and Publisher at KrebsOnSecurity, has emerged as the top cybersecurity influencer on Twitter during the first quarter (Q1) of 2022, reveals GlobalData, a leading data and analytics company.

GlobalData’s Social Media Analytics Platform, which recorded a spike in discussions around cybersecurity on Twitter, ranked influencers based on average engagements per post.

Smitarani Tripathy, Social Media Analyst at GlobalData, comments: “The ongoing geopolitical turmoil between Russia and Ukraine has made cybersecurity threats imminent not only for the government or military sectors but also for other industries.”

Krebs is also the author of ‘Spam Nation’, a New York Times bestseller. He mostly shares updates on cybercrime and computer security. His most popular tweet on a cybersecurity topic during Q1 2022 was:

“Norton360 isn’t the only antivirus product installing cryptominers. Avira, a “free” antivirus product w/ > 500M users, recently introduced users to Avira Crypto. Avira is now owned by NortonLifeLock, which also just bought Avast antivirus (500M users)” 1,361 Likes and 1,126 Retweets*

Tripathy adds: “In Q1, the conversations among cybersecurity experts surged the most as the Ukraine-Russia warfare raged alarm on a cyberattack worldwide. Top influencers believed piling sanctions of Western countries on Russia is likely to trigger cyberattacks on banks, energy systems, and other critical infrastructure firms across the globe.”

Lesley Carhart, Director of Incident Response (North America) at Dragos, Inc., has emerged as the next most influential voice on Twitter. Carhart also worked at Motorola Solutions as Lead of the Security Incident Response Team. Carhart usually likes to share…