Security News > 2021 > November > Week in review: Windows EoP flaw still exploitable, GoDaddy breach, malicious Python packages on PyPI

Week in review: Windows EoP flaw still exploitable, GoDaddy breach, malicious Python packages on PyPI
2021-11-28 09:00

GoDaddy breach: SSL keys, sFTP, database passwords of WordPress customers exposedGoDaddy, the popular internet domain registrar and web hosting company, has suffered a data breach that affected over a million of their Managed WordPress customers.

Malicious Python packages employ advanced detection evasion techniquesJFrog researchers have discovered 11 malicious Python packages on PyPI, the official third-party package repository for Python, which have been collectively downloaded over 41,000 times.

What's stopping consumers from acting on a data breach notice?Only three percent of consumers implemented a credit freeze after receiving a data breach notice, 11 percent enrolled in credit/data monitoring, and only 22 percent changed all of their account passwords, a recent survey by DIG.Works on behalf of the Identity Theft Resource Center has shown.

An introduction to U.S. data compliance lawsDue to technological advances like the rise of cloud storage and social media, there is an increasing concern over privacy - especially when it comes to how businesses collect and use customer data.

In many ways the drive to achieve ubiquitous data security has undermined itself.

Your supply chain: How and why network security and infrastructure matterWith digital transformation, the rapid adoption of cloud computing and the IoT, and the global scale of today's supply chains, cybercriminals have more entry points to networks and access to data than ever before.


News URL

https://www.helpnetsecurity.com/2021/11/28/week-in-review-windows-eop-flaw-still-exploitable-godaddy-breach-malicious-python-packages-on-pypi/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Python 27 10 87 75 27 199
Pypi 14 0 0 14 0 14