GitLab checked its employees: on phishing got every fifth

Recently, the GitLab platform conducted a security audit, analyzing if working from home employees are resistant to phishing attacks. As it turned out, every fifth got on phishing in GitLab: 20% of employees agreed to enter their credentials on a fake login page. A training attack conducted by the GitLab Red Team simulated a real… Continue reading GitLab checked its employees: on phishing got every fifth

IS researcher discovered a critical vulnerability in GitLab

IS researcher William Bowling made $20,000 by discovering a critical vulnerability in GitLab. The bug allowed achieving the execution of arbitrary code or stealing confidential data from the server. Bowling exposed the vulnerability in March 2020. Then the expert noticed that an attacker could get arbitrary files from the server while moving the issue from… Continue reading IS researcher discovered a critical vulnerability in GitLab