To test its security mid-pandemic, GitLab tried phishing its own work-from-home staff. 1 in 5 fell for it

CERT-LatestNews Cybersecurity-Covid-19 ThreatsCybercrime Uncategorized

Code hosting biz GitLab recently concluded a security exercise to test the susceptibility of its all-remote workforce to phishing – and a fifth of the participants submitted their credentials to the fake login page. The mock attack simulated a targeted phishing campaign designed to get GitLab employees to give up their credentials.