Security News > 2022 > September > Week in review: Revolut data breach, ManageEngine RCE flaw, free Linux security training courses

Critical ManageEngine RCE flaw is being exploitedThe US Cybersecurity and Infrastructure Security Agency has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities Catalog.
3 free Linux security training courses you can take right nowLearning how to effectively navigate and interact with Linux can be an important part of your learning journey in cybersecurity.
High severity vulnerabilities found in Harbor open-source artifact registryOxeye security researchers have uncovered several new high severity variants of the IDOR vulnerabilities in CNCF-graduated project Harbor, the popular open-source artifact registry by VMware.
Agent-based vs. agentless security: Pros and consIn this Help Net Security video, Mark Nunnikhoven, Distinguished Cloud Strategist at Lacework, discusses agent-based vs. agentless approaches in security.
The best ways to safeguard crypto assetsIn this Help Net Security video, Nick Percoco, Chief Security Officer at Kraken, explains why it's important for crypto holders to think about personal security as an ongoing, holistic process, and offers tips on how to safeguard crypto assets.
How to keep public cloud data secureIn this Help Net Security video, Amit Shaked, CEO at Laminar, talks about public cloud data security blind spots, and provides tips for organizations to elevate their level of security.
News URL
Related news
- There are 10,000 reasons to doubt Oracle Cloud's security breach denial (source)
- StreamElements discloses third-party data breach after hacker leaks data (source)
- New Ubuntu Linux security bypasses require manual mitigations (source)
- Texas State Bar warns of data breach after INC ransomware claims attack (source)
- Food giant WK Kellogg discloses data breach linked to Clop ransomware (source)
- CentreStack RCE exploited as zero-day to breach file sharing servers (source)
- The quiet data breach hiding in AI workflows (source)
- Hertz confirms customer info, drivers' licenses stolen in data breach (source)
- Hertz data breach: Customers in US, EU, UK, Australia and Canada affected (source)
- Landmark Admin data breach impact now reaches 1.6 million people (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-19 | CVE-2022-35405 | Deserialization of Untrusted Data vulnerability in Zohocorp products Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. | 9.8 |