18

GitLab servers are being exploited in DDoS attacks (The Record)

 3 years ago
source link: https://lwn.net/Articles/875154/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

GitLab servers are being exploited in DDoS attacks (The Record)

[Posted November 5, 2021 by corbet]
The Record is reporting on massive exploitation of an oldish vulnerability in GitLab instances.

While the purpose of these attacks remained unclear for HN Security, yesterday, Google’s Menscher said the hacked servers were part of a botnet comprising of “thousands of compromised GitLab instances” that was launching large-scale DDoS attacks.

The vulnerability was fixed in April, but evidently a lot of sites have not updated.

(Log in to post comments)

GitLab servers are being exploited in DDoS attacks (The Record)

Posted Nov 5, 2021 9:54 UTC (Fri) by schNEO (subscriber, #140545) [Link]

No mercy but my companies inbox is full with managed customers and their hacked gitlab instances.
It really all started to go down on Nov 4th.

But to be fair the biggest point here could be that gitlab - if not updated regularly - is pain to upgrade as everything and anything might break at least IMO.


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK