Tag: incident

  • cloud based CI/CD issues – travis-ci

    Travis-CI published a security bulletin the other day, describing a special condition that would allow to access secrets belonging to a foreign repository in Github or Bitbucket. The condition requires a fork from a public repository. That’s how open source work, and very central functionality. Not a corner case. Turns out, the cloud service did…

  • Are you using Klarna?

    You may be worried now.

  • What We Can Learn from the Capital One Hack

    Earlier this week, it became public that Capital One was victim to a privacy leak, affecting more than 100 million of their customers. News revealed details about the source of the attack, that apparently an individual conducted and bragged about it publicly. Now, a few days later and more facts known, the always excellent Krebs…