Two-factor authentication (2FA) is there to provide a high level of security, but what happens when this process is compromised?

CircleCI is a platform used by software developers to build, test and implement code. Therefore, due to the amount of confidential and potentially valuable data CircleCI holds, it’s a highly attractive target for threat actors. Thankfully, for those using CircleCI, strong security practices are in place to provide a secure environment, and one of the most important is 2FA. Nonetheless, threat actors are persistent and innovative individuals, and the presence of 2FA merely represents a challenge. And it was this obstacle hackers managed to overcome in December 2022 when they breached CircleCI.

As 2FA is such a critical element of excellent cybersecurity practices, it’s important that we understand what went wrong at CircleCI.

How 2FA Failed at CircleCI

The first sign of CircleCI becoming compromised came in early January 2023 when a user discovered that their OAuth token – used to identify customers to online platforms – had been accessed by an unauthorized party. CircleCI were unable to pinpoint how the security token had been compromised, but immediately began to randomly rotate the OAuth tokens in use by their users.

Further investigation, however, revealed how access to the OAuth tokens had been breached. A developer at CircleCI had fallen victim to a malware attack, one which focused on stealing data. Among the stolen data was a session cookie which had already been validated through the 2FA process and, therefore, ensured that anyone in possession of it could gain quick and easy access to the CircleCI network. And this is exactly what the threat actors did, stealing encryption keys, OAuth tokens and customer data.

Can You Combat a Compromised Cookie?

2FA has long been championed as one of the cornerstones of IT security, but this attack on CircleCI has brought the spotlight on to one of its glaring weaknesses. The success of the attack also highlights the popularity of this technique, which has recently been deployed against several major IT organizations. Accordingly, to protect your IT infrastructure, it’s crucial that your organization practices the following:

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


We’ve all seen a pop up on a website which asks you to accept cookies. And we tend to click yes. But do we know what we’re agreeing to?

Cookies have been part of the internet since the dawn of the world wide web, but most internet users are unclear on what they are. Yet, concerns have been building about them for several years now. 2011 saw the European Union (EU) passing the Cookie Law which states that websites need to seek consent before exposing you to cookies. Most popular websites attract users from the EU, so even US based websites, in theory, need to seek this consent.

The Cookie Law has heightened concerns around cookies, so it’s time to brush up on exactly what a cookie is and how it can affect your security.

What is a Cookie?

The simplest explanation of a cookie is that it’s a piece of code used to track your online activity. Naturally, this sounds sinister and contributes towards the concern over cookies. But most cookies have harmless motives. Their main objective is to remember useful information about specific users e.g. login details to keep you logged into websites and credit card details to autocomplete online forms. These ‘authentication’ cookies are useful allies for online life. But ‘tracking’ cookies receive considerable cynicism.

A tracking cookie records and broadcasts your web history, a rough location of where you are and the device you’re using. These are all pieces of data which help to identify personal information. And no internet user wants to reveal this to anonymous strangers. But these details can be shared by third-party software such as Google Analytics. This is why we live in age where personalized online ads crop up with an alarming regularity.

Keeping Safe with Cookies

Cookies carry a security risk, but as with most online activities it’s possible to negate and reduce these risks. To protect yourself for the more dangerous aspects of cookies make sure you do the following:

  • Always be careful when sharing personal information. Cookies can transmit this information, so tread carefully. And if you’re using a public computer then do not send any personal information.
  • Disable the storage of cookies in your internet browser. This reduces the amount of information being shared and can be adjusted in your browser’s privacy settings.
  • Always make sure you have anti-malware software installed on your PC as malware can often disguise itself as harmless cookies or infiltrate advertising networks.

Final Thoughts

There have been calls for cookies to be banned, but this is unlikely to happen any time soon. There will always be some form of online tracking in our internet experience, especially while it is being pushed by Google, but you can still remain safe by being vigilant and clever.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More