[HackerNews] Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects

Continuous integration vendor Travis CI has patched a serious security flaw that exposed API keys, access tokens, and credentials, potentially putting organizations that use public source code repositories at risk of further attacks.
The issue — tracked as CVE-2021-41077 — concerns unauthorized access and plunder of secret environment data associated with a public open-source project during the

Source: Read More (The Hacker News)

You might be interested in …

[SecurityWeek] Microsoft Shares More Information on Protecting Systems Against PetitPotam Attacks

All posts, Security Week

Microsoft has shared more information on how organizations can protect Windows domain controllers and other Windows servers against potential PetitPotam attacks. read more Source: Read More (SecurityWeek RSS Feed)

Read More

[SANS ISC] “Summer of SAM”: Microsoft Releases Guidance for CVE-2021-36934, (Wed, Jul 21st)

All posts, Sans-ISC

Microsoft released a knowledge base article regarding CVE-2021-36934 [1]. Bojan yesterday explained the vulnerability in more detail. Recent versions of Microsoft Windows expose several system files due to overly permissive access control lists. Of main interest is the Security Accounts Manager (SAM), which exposes password hashes. It has been demonstrated how this can easily be […]

Read More

[ZDNet] HYCU initiative offers free evaluation for ransomware recovery prospects

All posts, ZDNet

Using GetRScore.org, organizations now have a way to measure ransomware recovery preparation. Source: Read More (Latest topics for ZDNet in Security)

Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.