Public Travis CI logs loaded with GitHub, AWS, Docker Hub account tokens, and other sensitive data could be leveraged for lateral cloud attacks.
Read full article on Dark Reading: Cloud
Exposed Travis CI API Leaves All Free-Tier Users Open to Attack
- Criminals open DocuSign’s Envelope API to make BEC special delivery
- Biden administration prepares second executive order on cybersecurity
- Link Index for Customer Identity and Access Management
- Technical debt, multi-cloud complexity hinder modern tech adoption
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions