Pipeline

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

Jun 28, 2024 by iHash Leave a Comment

Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in … [Read more...] about GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

Enhancing CDR Capabilities for CI/CD Pipeline

Mar 22, 2024 by iHash Leave a Comment

The increase in cloud adoption has been met with a corresponding rise in cybersecurity threats. Cloud intrusions escalated by a staggering 75% in 2023, with cloud-conscious cases increasing by 110%. Amid this surge, eCrime adversaries have become the top threat actors targeting the cloud, accounting for 84% of adversary-attributed cloud-conscious intrusions. For large … [Read more...] about Enhancing CDR Capabilities for CI/CD Pipeline

U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack

May 10, 2022 by iHash Leave a Comment

The U.S. Department of Transportation's Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed a penalty of nearly $1 million to Colonial Pipeline for violating federal safety regulations, worsening the impact of the ransomware attack last year. The $986,400 penalty is the result of an inspection conducted by the regulator of the pipeline operator's control … [Read more...] about U.S. Proposes $1 Million Fine on Colonial Pipeline for Safety Violations After Cyberattack

Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack

Sep 19, 2021 by iHash Leave a Comment

The eCrime ecosystem is an active and diverse economy of financially motivated threat actors engaging in a myriad of criminal activities to generate revenue. With the CrowdStrike eCrime Index (ECX), CrowdStrike’s Intelligence team maintains a composite score to track changes to this ecosystem. The ECX is composed of several key observables covering different aspects of … [Read more...] about Big Game Hunting TTPs Continue to Shift After DarkSide Pipeline Attack

Hackers Breached Colonial Pipeline Using Compromised VPN Password

Jun 7, 2021 by iHash Leave a Comment

The ransomware cartel that masterminded the Colonial Pipeline attack early last month crippled the pipeline operator's network using a compromised virtual private network (VPN) account password, the latest investigation into the incident has revealed. The development, which was reported by Bloomberg on Friday, involved gaining an initial foothold into the networks as early as … [Read more...] about Hackers Breached Colonial Pipeline Using Compromised VPN Password

Key Takeaway from the Colonial Pipeline Attack

May 25, 2021 by iHash Leave a Comment

Every time I hear about a new cyber-attack, I ask myself: “Is this a new attack vector? A new vulnerability? A new creative tactic?” The answer is almost invariably no. Attack after attack, threat intelligence reports describe well known tactics that have been carried out numerous times in the past. I breathe a sigh of relief and remember Churchill’s famous World War II motto: … [Read more...] about Key Takeaway from the Colonial Pipeline Attack

Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals

May 15, 2021 by iHash Leave a Comment

Colonial Pipeline on Thursday restored operations to its entire pipeline system nearly a week following a ransomware infection targeting its IT systems, forcing it to reportedly shell out nearly $5 million to regain control of its computer networks. "Following this restart, it will take several days for the product delivery supply chain to return to normal," the company said in … [Read more...] about Colonial Pipeline Paid Nearly $5 Million in Ransom to Cybercriminals

Pipeline Security Tunnel Vision – Cisco Blogs

May 15, 2021 by iHash Leave a Comment

Few security topics have elicited as much mythology as pipeline security incidents. Perhaps it is the nature of the esoteric equipment involved, the stories of explosions in the tundra, international intrigue, or just the fact that the scale of what could happen, and its impact, is so broad. I happen to live along the path between the Permian Basin (the US’s largest petroleum … [Read more...] about Pipeline Security Tunnel Vision – Cisco Blogs

Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down

May 9, 2021 by iHash Leave a Comment

Colonial Pipeline, which carries 45% of the fuel consumed on the U.S. East Coast, on Saturday said it halted operations due to a ransomware attack, once again demonstrating how infrastructure is vulnerable to cyberattacks. "On May 7, the Colonial Pipeline Company learned it was the victim of a cybersecurity attack," the company said in a statement posted on its website. "We … [Read more...] about Ransomware Cyber Attack Forced the Largest U.S. Fuel Pipeline to Shut Down

AdGuard VPN + Ad Blocker Family Security Suite for $49

Microsoft Office 2024 Home for Mac or PC: One-Time Purchase for $119

ASUS 14" Chromebook C424 (2021) Intel N4020 4GB RAM 128GB eMMC (Refurbished) for $174

Lenovo IdeaPad 5, 14" Touchscreen 2-in-1 Laptop (2024) AMD Ryzen 7, 16GB RAM 1TB SSD Windows 11 Home Cosmic Blue (Refurbished) for $649

Stacks Be Productive Plan: Lifetime Subscription for $29