
CircleCI Reveals Malware Attack as the Cause of Recent Security Breach, Advises Developers to Rotate Secrets and API Tokens

DevOps platform CircleCI has announced that a malicious actor who successfully implanted malware on an internal engineer’s laptop was responsible for a recent security breach.

On January 4, CircleCI advised software developers who use its platform to rotate secrets and API tokens. In a post-mortem on the breach, published on January 13, the company offered a detailed description of the events that led to the attack.

CircleCI stated that it first became aware of the attack on December 29 when one of its customers reported “suspicious GitHub OAuth activity”.

An investigation was launched, involving CircleCI’s security team and GitHub, which revealed that an unauthorized third party had used malware deployed to an engineer’s laptop to steal a valid, 2FA-backed SSO session on or around December 16.

As a result of the attack, CircleCI has restricted employee access to its production systems and rebuilt its production environment with clean hosts, revoked project API tokens and rotated Bitbucket and GitHub OAuth tokens.

Security Land (https://security.land)