New Relic's cyber-something revealed as attack on staging systems, some users

2023-12-04 04:27

"There is no indication of lateral movement from our staging environment to any customers' New Relic accounts in the separate production environment or to New Relic's production infrastructure," the advisory adds.

"Based on our investigation to date, there is no evidence to suggest the identified log-in credentials were acquired as a result of the attack on New Relic's staging environment," the advisory states.

Instead, the creds were "Harvested in recent large-scale social engineering and credential compromise attacks, which may have put these New Relic user accounts at risk."

Customers whose use of New Relic was detailed in data in the staging environment, and/or whose accounts may have been probed, will hear from the analytics outfit about what to do next.

New Relic warns customers it's experienced a cyber something New Relic guzzles down CodeStream to help devs jump straight from app error telemetry to offending code New Relic streamlines app monitoring tools, shifts to per-user, pay-as-you-go pricing, adds free tier to lure you in Regulator says stranger entered hospital, treated a patient, took a document ... then vanished.

The vendor has already made some changes, revealing that its security team has "Taken steps to implement additional layers of technical controls, enhance network access controls, and eliminate the attack method used to access New Relic's staging environment."

News URL

https://go.theregister.com/feed/www.theregister.com/2023/12/04/new_relic_security_incident/

#attack