ClickCease CircleCI partners AWS to revoke keys affected by security incident

Join Our Popular Newsletter

Join 4,500+ Linux & Open Source Professionals!

2x a month. No spam.

CircleCI partners AWS to identify and revoke keys affected by a security incident

Obanla Opeyemi

January 25, 2023 - TuxCare expert team

According to CircleCI’s CTO, Rob Zuber, CircleCI is working with Amazon Web Services to notify customers who have AWS tokens that may have been impacted by the Jan. 4 security incident.

According to the blog post, AWS began sending updates to customers with lists of tokens that may have been impacted. CircleCI stated that it wishes to assist in identifying and revocation of any keys that may have been affected by the security incident.

In addition to sharing tools to assist teams in tracking down all potentially impacted secrets, CircleCI announced that it is collaborating with AWS to notify those who may have had their tokens compromised. CircleCI stated that the company proactively updated GitHub and Bitbucket 0Auth tokens as well. reported.

CircleCI also warned customers about a credential harvesting scam that was circulating, which attempted to trick victims into entering their GitHub logins via a bogus Terms of Service update. CircleCI stated that the AWS alert is related to the original Jan. 4 incident and that no new information has been discovered. The company issued a tweet to reassure customers that the information was not indicative of any other threat.

CircleCI announced earlier this week that on Jan. 17, it would send customers an incident report with additional information about the original security incident. While Zuber, the CTO originally advised customers to rotate their secrets last week, citing a security incident. However, the original post did not go into detail about what occurred.

Customers were advised to not only rotate secrets, but also to review internal logs for any unauthorized access dating back to December 21. Zuber updated customers on the company’s reliability issues from the previous year, but officials said the security incident is unrelated to those issues. According to the company, any connection between the dates is purely coincidental.

The goal of CircleCI’s collaboration with AWS, according to the company, is to help customers easily identify and revoke or rotate any potentially affected keys. They also stressed that “[a]t this time, there is no indication that your AWS account was accessed, only that there is a possibility the token stored in CircleCI was leaked, and therefore should be deleted from AWS and rotated.”

The sources for this piece include an article in SCMagazine.

Summary
CircleCI partners AWS to revoke keys affected by security incident
Article Name
CircleCI partners AWS to revoke keys affected by security incident
Description
CircleCI is working with Amazon Web Services to notify customers who have AWS tokens that may have been impacted a security incident.
Author
Publisher Name
TuxCare
Publisher Logo

Looking to automate vulnerability patching without kernel reboots, system downtime, or scheduled maintenance windows?

Learn About Live Patching with TuxCare

Related Articles

How GPT models can be...

According to CyberArk researchers, GPT-based models like ChatGPT can be...

January 30, 2023

Attackers actively exploit Unpatched Control...

Malicious hackers have started exploiting a critical vulnerability CVE-2022-44877 in...

January 27, 2023

Attackers distribute malware via malicious...

Deep Instinct researchers reported that RATs like StrRAT and Ratty...

January 26, 2023

Cisco warns of authentication bypass...

A remote attacker could exploit multiple vulnerabilities in four Cisco...

January 24, 2023

IceID malware infiltrates Active Directory...

In a notable IcedID malware attack, the assailant impacted the...

January 23, 2023

Bitdefender releases decryptor for MegaCortex...

Bitdefender experts have created a universal decryptor for victims of...

January 20, 2023