Tag: incident

cloud based CI/CD issues – travis-ci

Travis-CI published a security bulletin the other day, describing a special condition that would allow to access secrets belonging to a foreign repository in Github or Bitbucket. The condition requires a fork from a public repository. That’s how open source work, and very central functionality. Not a corner case. Turns out, the cloud service did…

September 14, 2021
Are you using Klarna?

You may be worried now.

May 27, 2021
What We Can Learn from the Capital One Hack

Earlier this week, it became public that Capital One was victim to a privacy leak, affecting more than 100 million of their customers. News revealed details about the source of the attack, that apparently an individual conducted and bragged about it publicly. Now, a few days later and more facts known, the always excellent Krebs…

August 3, 2019