GitLab vulnerability risks account takeover via simple password reset | allinfosecnews.com

Jan. 12, 2024, 4:45 p.m. | Laura French

SC Magazine feed for Strategy www.scmagazine.com

No user interaction is required for takeover; GitLab CE and EE users should patch immediately.

account account takeover devsecops gitlab password password reset patch patchconfiguration-management reset risks simple takeover vulnerability vulnerability management

More from www.scmagazine.com / SC Magazine feed for Strategy

Smoke and (screen) mirrors: A strange signed backdoor 18 hours ago | www.scmagazine.com

backdoor masquerading network security ops +6

Attackers evade detection by leveraging Microsoft Graph API 20 hours ago | www.scmagazine.com

api api security application security attackers +14

Stronger cybersecurity aimed by Menlo Security, Google Cloud collaboration 1 day ago | www.scmagazine.com

cloud cloud security collaboration customers +10

US arrests ex-cyber consultant accused of IT firm extortion 1 day ago | www.scmagazine.com

address arrest arrests bleepingcomputer +21

Accelerated patching found with CISA KEV catalog-listed flaws 1 day ago | www.scmagazine.com

agency catalog cisa cisa kev +24

Path traversal vulnerability elimination in software sought by feds 1 day ago | www.scmagazine.com

agency bleepingcomputer cybersecurity devsecops +17

New AI security bill unveiled in Senate 1 day ago | www.scmagazine.com

act ai act aiml ai security +14

Data breach impacts Airsoft community site 1 day ago | www.scmagazine.com

breach cloud cloud storage community +19

Details on 2021 Chemonics hack remain scant 1 day ago | www.scmagazine.com

agency compromised critical-infrastructure-security cyberattack +11

QA Customer Response Engineer

@ ORBCOMM | Sterling, VA Office, Sterling, VA, US

View on infosec-jobs.com

Enterprise Security Architect

@ Booz Allen Hamilton | USA, TX, San Antonio (3133 General Hudnell Dr) Client Site

View on infosec-jobs.com

DoD SkillBridge - Systems Security Engineer (Active Duty Military Only)

@ Sierra Nevada Corporation | Dayton, OH - OH OD1

View on infosec-jobs.com

Senior Development Security Analyst (REMOTE)

@ Oracle | United States

View on infosec-jobs.com

Software Engineer - Network Security

@ Cloudflare, Inc. | Remote

View on infosec-jobs.com

Software Engineer, Cryptography Services

@ Robinhood | Toronto, ON

View on infosec-jobs.com