Holes in Your Bitbucket: Why Your CI/CD Pipeline Is Leaking Secrets | allinfosecnews.com

May 21, 2024, 2 p.m. | Mandiant

Threat Intelligence cloud.google.com

Written by: Mark Swindle

While investigating recent exposures of Amazon Web Services (AWS) secrets, Mandiant identified a scenario in which client-specific secrets have been leaked from Atlassian's code repository tool, Bitbucket, and leveraged by threat actors to gain unauthorized access to AWS. This blog post illustrates how Bitbucket Secured Variables can be leaked in your pipeline and expose you to security breaches.

Background

Bitbucket is a code hosting platform provided by Atlassian and is equipped with a built-in continuous integration …

access amazon amazon web services atlassian aws bitbucket blog blog post cd pipeline client code code repository leaked mandiant mark pipeline repository scenario s code secrets services threat threat actors threat intelligence tool unauthorized unauthorized access web web services written

More from cloud.google.com / Threat Intelligence

Global Revival of Hacktivism Requires Increased Vigilance from Defenders 5 days, 20 hours ago | cloud.google.com

activism daniel defenders global +11

Cloaked and Covert: Uncovering UNC3886 Espionage Operations 2 weeks ago | cloud.google.com

actor alex china cloaked +20

UNC3944 Targets SaaS Applications 2 weeks, 5 days ago | cloud.google.com

0ktapus applications as-a-service attacker +34

Insights on Cyber Threats Targeting Users and Enterprises in Brazil 2 weeks, 6 days ago | cloud.google.com

adam brazil critical cyber +18

UNC5537 Targets Snowflake Customer Instances for Data Theft and Extortion 3 weeks, 2 days ago | cloud.google.com

campaign cloud cloud data collections +24

Phishing for Gold: Cyber Threats Facing the 2024 Paris Olympics 3 weeks, 6 days ago | cloud.google.com

cyber cyber espionage cyber threat cyber threats +19

Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools 4 weeks, 1 day ago | cloud.google.com

april attackers blog blog post +14

IOC Extinction? China-Nexus Cyber Espionage Actors Use ORB Networks to Raise Cost on Defenders 1 month, 1 week ago | cloud.google.com

advanced advanced persistent threat apt box +24

Holes in Your Bitbucket: Why Your CI/CD Pipeline Is Leaking Secrets 1 month, 1 week ago | cloud.google.com

access amazon amazon web services atlassian +26

Senior Corporate & Commercial Counsel

@ Armis Security | North Carolina, United States

View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Georgia, United States

View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Boston, Massachusetts, United States

View on infosec-jobs.com

Senior Corporate & Commercial Counsel

@ Armis Security | Austin, Texas, United States

View on infosec-jobs.com

IP Network Engineer

@ Rogers Communications | Calgary, AB, CA

View on infosec-jobs.com

Global Product Manager

@ Vodafone | London, GB

View on infosec-jobs.com