Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

July 9, 2024 at 08:13AM Researchers found that misconfigured Jenkins Script Console instances can be exploited for criminal activities, like cryptocurrency mining. Attackers can gain remote code execution and misuse sensitive data. The console lacks administrative controls and can be accessed over the internet due to misconfigurations. Safeguards include proper configuration, robust authentication, and restriction … Read more

Critical GitLab bug lets attackers run pipelines as any user

June 27, 2024 at 10:57AM A critical vulnerability affecting certain versions of GitLab allows running pipelines as any user, with a severity score of 9.6 out of 10. It impacts versions from 15.8 through 16.11.4, 17.0.0 to 17.0.2, and 17.1.0 to 17.1.0, with updates to versions 17.1.1, 17.0.3, and 16.11.5 available. Two breaking changes and … Read more

Bitbucket artifact files can leak plaintext authentication secrets

May 21, 2024 at 04:01PM The issue involves threat actors breaching AWS accounts by exploiting plaintext AWS authentication secrets leaked in Atlassian Bitbucket artifacts. Mandiant discovered this during an investigation and highlighted how seemingly secured data can be exposed in public repositories, jeopardizing security. Developers are cautioned to review artifacts and deploy code scanning to … Read more

Atlassian Bitbucket artifacts can leak plaintext auth secrets

May 21, 2024 at 03:06PM Threat actors breached AWS accounts using leaked plaintext authentication secrets in Atlassian Bitbucket artifacts. Mandiant discovered this issue in the context of an investigation, highlighting the potential leakage of secured data in public repositories. Bitbucket’s secured variables encrypt sensitive information, but Mandiant found that artifact objects can contain plaintext secured … Read more

Startup Dealflow: New Investments at Resonance, RunReveal, StepSecurity, Insane Cyber

May 2, 2024 at 11:27AM Four cybersecurity startups secured pre-seed, seed, and early-stage funding in May. Insane Cyber, San Antonio-based, received $4.2 million in early-stage funding from Paladin Capital Group and others to focus on industrial cybersecurity. Resonance Security, RunReveal, and StepSecurity raised $1.5 million, $2.5 million, and $3 million, respectively, for their cybersecurity solutions. … Read more

NightVision Raises $5.4 Million for Application Security Testing

April 15, 2024 at 11:06AM NightVision, a US-based startup founded in 2022, raised $5.4 million in seed funding from angel investors. The company focuses on application security testing, aiding in the identification and resolution of software security vulnerabilities early in the development lifecycle. Its technology simulates attacks, integrates with development workflows, and enables secure development … Read more

JetBrains keeps mum on 26 ‘security problems’ fixed after Rapid7 spat

March 28, 2024 at 01:29PM Users of JetBrains TeamCity are advised to upgrade to the latest version due to the release of 26 security fixes. However, JetBrains has not revealed specific details about the vulnerabilities, opting for extreme caution following past disclosure drama. The new version also introduces a semi-automatic upgrade feature for on-premises users, … Read more

Critical TeamCity Bugs Endanger Software Supply Chain

March 4, 2024 at 06:09PM TeamCity’s cloud versions are already patched against new critical vulnerabilities, but on-premises deployments require immediate patching, warns the vendor. The platform, used by major organizations including Citibank and Nike, manages the software development CI/CD pipeline. The vulnerabilities (CVE-2024-27198 and CVE-2024-27199) could enable threat actors to bypass authentication and gain admin … Read more

JetBrains urges swift patching of latest critical TeamCity flaw

February 7, 2024 at 07:37AM JetBrains urges all TeamCity (on-prem) users to upgrade to the latest version due to a critical vulnerability (CVE-2024-23917) with a 9.8 CVSS score, allowing unauthenticated remote attackers to seize control of vulnerable servers. This affects versions from 2017.1 to 2023.11.2, patched in 2023.11.3. Admins are advised to upgrade immediately or … Read more

45k Jenkins servers exposed to RCE attacks using public exploits

January 29, 2024 at 05:07PM Security researchers discovered about 45,000 vulnerable Jenkins instances online, susceptible to CVE-2023-23897, a critical flaw allowing remote code execution. The issue originates from an automatic file reading feature, potentially leading to arbitrary command execution. There are multiple public PoC exploits available, posing a significant threat to unpatched Jenkins servers globally. … Read more