[Nulled] » Information security » Datadog, specializing in cloud security, reports that it has become a conditional victim of a recent incident with CircleCI.
January 23 2023

Datadog, specializing in cloud security, reports that it has become a

Datadog, specializing in cloud security, reports that it has become a conditional victim of a recent incident with CircleCI.

According to the company, one of its RPM GPG signature keys and a passphrase have been disclosed.

Despite this, Datadog claims that it has not found any signs that the key was actually stolen or used for other purposes. The company says it has yet to find evidence.

However, after notifying CircleCI that an attacker had gained access to environment variables, tokens and client keys, Datadog released a new version of RPM Agent 5 for CentOS/RHEL, signed with a new key.

The company has also released a new Linux installation script that removes the vulnerable key from the Datadog repository file and the RPM database.

Datadog notes that even if an attacker manages to steal the signature key and create a malicious RPM package, he will not be able to use it to carry out attacks on clients, since access to official package repositories will be required.

In any case, Datadog decided to play it safe, because no less than CircleCI customers have already discovered unauthorized access to third-party systems after the company warned of the need to examine the environments for suspicious activity, starting from December 16, 2022.

Information

Visitors who are in the group Guests they can't download files.
Log in to the site under your login and password or if you are a new user go through the process registrations on the website.

Comments:

This publication has no comments yet. You can be the first!

Information the publication:

  • Author of the publication: AdequateSchizo
  • Date of publication: 23 January 2023 12:13
  • Publication category(s): Information security
  • Number of views of the publication: 145
  • Number of comments to the publication: 0

Related News

16 January 2023
Information security
CircleCI forcibly

CircleCI forcibly changes GitHub OAuth tokens for its customers after a cyber incident.

Read more
16 January 2023
Information security
Cryptoplatform 3Commas

Cryptoplatform 3Commas has recognized a cyber incident, as a result of which API keys were stolen. Recently, an

Read more
16 January 2023
Information security
The corporate

The corporate communication and collaboration platform Slack reported a cyber incident that occurred during the

Read more
20 January 2023
Information security»,OSINT
Symantec researchers

Symantec researchers report details about the activities of a cybercrime group they track as Bluebottle, revealing

Read more
16 January 2023
Information security
Symantec researchers

Symantec researchers report details about the activities of a cybercrime group they track as Bluebottle, revealing

Read more

Information

Users of 🆅🅸🆂🅸🆃🅾🆁 are not allowed to comment this publication.

Site Search

Site Menu


☑ Websites Scripts

Calendar

«    November 2024    »
MonTueWedThuFriSatSun
 123
45678910
11121314151617
18192021222324
252627282930 

Advertisement

Survey on the website

Evaluate the work of the site
 

Statistics

  • +15 Total articles 6747
  • +13 Comments 4077
  • +23 Users : 5842