Pipeline
Romania’s oil pipeline operator Conpet confirms data stolen in attack
Romania’s national oil pipeline operator, Conpet S.A., confirmed that the Qilin ransomware gang stole company data in an attack last week. In a press release the day following the incident, the company said that the threat actor breached its corporate IT infrastructure, but operations remained unaffected. Conpet S.A. published an update today about the incident, saying that […]
Romanian oil pipeline operator Conpet discloses cyberattack
Conpet, Romania’s national oil pipeline operator, has disclosed that a cyberattack disrupted its business systems and took down the company’s website on Tuesday. Conpet operates nearly 4,000 kilometers of pipeline network, supplying domestic and imported crude oil and derivatives, including gasoline and liquid ethane, to refineries nationwide. In a Wednesday press release, the company said the […]
GitLab warns of critical arbitrary branch pipeline execution flaw
GitLab has released security updates to address multiple flaws in Community Edition (CE) and Enterprise Edition (EE), including a critical arbitrary branch pipeline execution flaw. The vulnerability, which is tracked as CVE-2024-9164, allows unauthorized users to trigger Continuous Integration/Continuous Delivery (CI/CD) pipelines on any branch of a repository. CI/CD pipelines are automated processes that perform tasks […]
GitLab warns of critical pipeline execution vulnerability
GitLab has released critical updates to address multiple vulnerabilities, the most severe of them (CVE-2024-6678) allowing an attacker to trigger pipelines as arbitrary users under certain conditions. The release is for versions 17.3.2, 17.2.5, and 17.1.7 for both GitLab Community Edition (CE) and Enterprise Edition (EE), and patches a total of 18 security issues as part of the bi-monthly […]