MFA under attack
https://www.bleepingcomputer.com/news/security/circlecis-hack-caused-by-malware-stealing-engineers-2fa-backed-session/
Hackers breached CircleCi in December after an engineer became infected with information-stealing malware that their 2FA-backed SSO session cookie, allowing access to the company's internal systems.
Earlier this month, CircleCi disclosed that they suffered a security incident and warned customers to rotate their tokens and secrets.
MFA under attack
Jan 14, 2023, 11:23pm UTC
https://www.bleepingcomputer.com/news/security/circlecis-hack-caused-by-malware-stealing-engineers-2fa-backed-session/
> Hackers breached CircleCi in December after an engineer became infected with information-stealing malware that their 2FA-backed SSO session cookie, allowing access to the company's internal systems.
> Earlier this month, CircleCi disclosed that they suffered a security incident and warned customers to rotate their tokens and secrets.