Y
Hacker News
new
|
ask
|
show
|
jobs
by
arunc
2631 days ago
Why was Jenkins running on a production server?
1 comments
deepwell
2631 days ago
it was not, read again
link
Perceptes
2631 days ago
But it does seem to be the case that the same SSH key pair that was used to access Jenkins also provided access to the production infrastructure. Unless I'm misunderstanding the nature of the attack.
link
zigara
2631 days ago
It seems the issue was developers using SSH agent forwarding which was abused to access the production environment.
link