all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Analyzing the Travis CI Attack and Exposure of Developer Secrets

Add to bookmarks
c
Aug. 16, 2022, 6:20 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Open Raven here. Written by Michael Ness, Security Researcher, Open Raven. IntroductionThe Continuous Integration (CI) platform Travis CI was recently victim of a research based attack, where researchers from Aqua security were able to obtain approximately 73,000 sensitive tokens from numerous different organizations. CI is becoming an increasingly common practice, which allows teams to push out updates in software to different storage repositories that are often requi...

attack ci developer secrets travis travis ci

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
The Path to SOC 2 Compliance for Startups 2 days, 18 hours ago | cloudsecurityalliance.org
business can challenges companies +16
Cl
Learn How to Navigate Ransomware Attacks in a Digital World 4 days, 14 hours ago | cloudsecurityalliance.org
attacks businesses computer digital +16
Cl
What are the ISO 9001 Requirements? 1 week, 1 day ago | cloudsecurityalliance.org
certification compliance context evaluation +16
Cl
What is Agile Compliance? | Continuous Monitoring for Enhanced Risk Reduction 1 week, 3 days ago | cloudsecurityalliance.org
agile amp best practices blog +32
Cl
Unlocking Trust in the Digital Age: The Power of Blockchain Technologies 1 week, 3 days ago | cloudsecurityalliance.org
age blockchain business communication +20
Cl
Level Up Your Security Strategy with Cyber Resilience 1 week, 4 days ago | cloudsecurityalliance.org
advisory barr advisory breach can +16
Cl
Mastering Least Privilege: Cutting Unused Access 1 week, 4 days ago | cloudsecurityalliance.org
access attack attack surface breaches +16
Cl
How Cybersecurity and AI Will Influence Global Elections in 2024 1 week, 4 days ago | cloudsecurityalliance.org
advocacy artificial artificial intelligence big +20
Cl
Mastering Secure DevOps with Six Key Strategies 1 week, 5 days ago | cloudsecurityalliance.org
addresses applications attacks breaches +24

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com