Palo Alto Networks

RQL

CircleCI Incident Highlights Cloud Platform Querying Struggles for Compromised Credentials

CircleCI Incident Highlights Cloud Platform Querying Struggles for Compromised Credentials

On January 4, 2023 CircleCI reported a security incident had occurred. CircleCI recommended, “out of an abundance of caution … to immediately rotate any and all secrets stored in CircleCI.” It was assumed that a hardcoded access ID associated with CircleCI was being used to perform unauthorized actions within CircleCI customers’ cloud environments, such as creating new users, access keys, cloud instances, and serverless functions, as well as modifying existing cloud resources....

Cloud Infrastructure Entitlement Management
Cloud Native Application Protection Platform
Threat Advisory/Analysis
Jan 18, 2023
By , and

Palo Alto Networks

Announcements
Company & Culture
Points of View
Public Sector
Products and Services
Partners

Subscribe to Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.

By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.

Get the latest news, invites to events, and threat alerts

Popular Resources

Legal Notices

Popular Links