I wrote up the Delinea Secret Server Cloud security incident situation: https://doublepulsar.com/delinea-has-cloud-security-incident-in-thycotic-secret-server-gaff-581a33990882

As far as I can see Delinea have no responsible disclosure programme or vulnerability reporting contact.

They did, however, do a podcast about how to run one 😬 https://delinea.com/events/podcasts/responsible-disclosure-programs-katie-moussouris-casey-ellis

Delinea have removed the paywall on the IoCs and remediation information.

In fairness to Delinea I think they have got on top of this really well now. The remediation guide is top tier.

They probably want to have a look at their CMS setup for their online portals; e.g. the podcast and marketing content is really well search-engine optimised, but the security content (including the responsible disclosure policy) is on a platform which is really search-engine unfriendly. Most of it is so buried I can't even find it via Google; I think they might be blocking it by mistake.

@GossiTheDog thanks. This IoC document is so much better at proving no access was made (in most cases) rather than just a lack of evidence.