Security News > 2022 > August > Week in review: RCE bug in GitLab patched, phishing PyPI users, Escanor malware in MS Office docs

Phishing PyPI users: Attackers compromise legitimate projects to push malwarePyPI, the official third-party software repository for Python packages, is warning about a phishing campaign targeting its users.

DDoS tales from the SOCIn this Help Net Security video, Bryant Rump, Principal Security Architect at Neustar Security Services, talks about the challenges of mitigating immense DDoS attacks.

How vulnerable supply chains threaten cloud securityOrganizations are struggling to sufficiently secure new cloud environments implemented during the pandemic, while maintaining legacy equipment and trying to adapt their overall security strategy to the evolving landscape, according to a Proofpoint study released in collaboration with The Cloud Security Alliance reveals.

CISOs see little need for a point solution to cover ransomware riskIn this Help Net Security video, Sara Behar from YL Ventures talks about how CISOs see little need for a point solution to cover ransomware risk, believing instead in utilizing a full security stack for a multi-layered approach that addresses many security concerns at once.

New social engineering tactics discovered in the wildIn this Help Net Security video, Otavio Freire, President and CTO at SafeGuard Cyber, offers insight on new social engineering tactics discovered in the wild, and illustrates how phishing attacks are changing, including how they're evolving beyond email.

We need to think about ransomware differentlyIn this Help Net Security video, David Mahdi, Chief Strategy Officer & CISO Advisory at Sectigo, talks about how ransomware isn't solely a malware problem, bad actors want access to your data, so it really is a data security and access problem.

News URL

https://www.helpnetsecurity.com/2022/08/28/week-in-review-rce-bug-in-gitlab-patched-phishing-pypi-users-escanor-malware-in-ms-office-docs/