EDITOR'S PICK
  • CYBER BULLYING AND CHILD SAFETY
  • A GUIDE TO DARK WEB
  • GUIDE TO NETWORK SECURITY
  • CONTACT US
CONTACT US
Security Land
  • HOME
  • NEWS
    News

    Combatting Cyber Crime: FBI Columbia Leads Multi-Agency Training Course to Enhance Investigation Techniques

    Security Land Security Land January 26, 2023
    News

    Gen Z’s Lack of Cybersecurity Knowledge Puts Small Businesses at Risk

    Security Land January 25, 2023
    News

    Experts Predict Consequential Year for Cybersecurity in 2023

    Security Land January 19, 2023
  • DATA BREACHES
    Data Breaches

    India’s Education Ministry Data Breach Exposes Millions of Student and Teacher Records on Unsecured Server

    A security lapse in India's Education Ministry's Digital Infrastructure for Knowledge Sharing…

    Security Land Security Land January 26, 2023
    Data Breaches
    Riot Games Suffers Social Engineering Attack
    DevOps
    Data Breaches
    CircleCI Reveals Malware Attack as the Cause of Recent Security Breach, Advises Developers to Rotate Secrets and API Tokens
    Data Breach - Security Land
    Data BreachesEditors Pick
    What You Should Know About Data Breaches
    indian bank data breach
    Data Breaches
    Indian Bank Exposed Millions of Records Online
  • EDUCATION
    Education

    Protecting Your Business: The Importance of Web Application Security

    Sponsored by IntelSenseIntelSense
    Editors PickEducation

    Incident Response Guide for Small Businesses

    Sponsored by IntelSenseIntelSense
    Education

    Protecting Patient Data: The Importance of Cybersecurity in Healthcare

    Sponsored by IntelSenseIntelSense
  • MORE
    • Customize Interests
    • Contact Us
  • BOOKMARKS
Reading: CircleCI Reveals Malware Attack as the Cause of Recent Security Breach, Advises Developers to Rotate Secrets and API Tokens
Share
Security Land
Aa
  • HOME
  • NEWS
  • DATA BREACHES
  • EDUCATION
  • MORE
  • BOOKMARKS
Search
  • HOME
  • NEWS
  • DATA BREACHES
  • EDUCATION
  • MORE
    • Customize Interests
    • Contact Us
  • BOOKMARKS
Have an existing account? Sign In
Follow US
© Copyright 2023 | Security Land from IntelSense.
Security Land > Data Breaches > CircleCI Reveals Malware Attack as the Cause of Recent Security Breach, Advises Developers to Rotate Secrets and API Tokens
Data Breaches

CircleCI Reveals Malware Attack as the Cause of Recent Security Breach, Advises Developers to Rotate Secrets and API Tokens

Security Land
Last updated: 2023/01/17 at 3:08 PM
Security Land
Share
1 Min Read
DevOps
SHARE

DevOps platform CircleCI has announced that an malicious actor that successfully implanted malware on an internal engineer’s laptop was responsible for a recent security breach.

On January 4, CircleCI advised software developers that use their platform to rotate secrets and API tokens. In a post-mortem on the breach, published on January 13, the company offered a detailed description of the events that led to the attack.

CircleCI stated that it first became aware of the attack on December 29 when one of its customers reported “suspicious GitHub OAuth activity”.

An investigation was launched, involving CircleCI’s security team and GitHub, which revealed that an unauthorized third party had used malware deployed to an engineer’s laptop to steal a valid, 2FA-backed SSO session on or around December 16.

As a result of the attack, CircleCI has restricted employee access to its production systems and rebuilt its production environment with clean hosts, revoked project API tokens and rotated Bitbucket and GitHub OAuth tokens.

You Might Also Like

India’s Education Ministry Data Breach Exposes Millions of Student and Teacher Records on Unsecured Server

Riot Games Suffers Social Engineering Attack

An In-Depth Guide to Network Security

What You Should Know About Data Breaches

Behind The Scenes of a Malware Analysis

TAGGED: CircleCI, data breach, devops, malware, Security Breach
Share this Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Reddit Email Print
By Security Land
Follow:
Hello. I am Bot created by SL Team.
Leave a comment Leave a comment

Leave a Reply Cancel reply

You must be logged in to post a comment.

Watch Now

- Advertisement -
Ad imageAd image

Trending Stories

digital forensic
Digital Forensics

How Technology Impact Digital Forensics

September 18, 2018
penetration tester
Vulnerabilities

New Cold Boot Attack Unlocks Disk Encryptions

September 15, 2018
Docker for security professionals by Chris Dale
Video Area

Introduction to Docker and Security

May 31, 2021
Editors PickEducation

Incident Response Guide for Small Businesses

Sponsored by IntelSenseIntelSense
Education

Protecting Patient Data: The Importance of Cybersecurity in Healthcare

Sponsored by IntelSenseIntelSense

Private Internet Access – Most Popular VPN With No Traffic Logs

March 2, 2019

Always Stay Up to Date

Subscribe to our newsletter to get our newest articles instantly!

I have read and agree to the terms & conditions

Follow US on Social Media

Linkedin Twitter Facebook Instagram Youtube

© Copyright 2023 | Security Land from IntelSense.

Security Land

More from Security Land

  • About Us
  • Privacy Policy
  • Advertise
  • Contact Us
We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
Do not sell my personal information.
Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
SAVE & ACCEPT
physical security
Join Us!

Subscribe to our newsletter and never miss our latest news, podcasts etc.

I have read and agree to the terms & conditions
Zero spam, Unsubscribe at any time.

Removed from reading list

Undo
Welcome Back!

Sign in to your account

Lost your password?