Security News > 2022 > September > Week in review: Revolut data breach, ManageEngine RCE flaw, free Linux security training courses
Critical ManageEngine RCE flaw is being exploitedThe US Cybersecurity and Infrastructure Security Agency has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities Catalog.
3 free Linux security training courses you can take right nowLearning how to effectively navigate and interact with Linux can be an important part of your learning journey in cybersecurity.
High severity vulnerabilities found in Harbor open-source artifact registryOxeye security researchers have uncovered several new high severity variants of the IDOR vulnerabilities in CNCF-graduated project Harbor, the popular open-source artifact registry by VMware.
Agent-based vs. agentless security: Pros and consIn this Help Net Security video, Mark Nunnikhoven, Distinguished Cloud Strategist at Lacework, discusses agent-based vs. agentless approaches in security.
The best ways to safeguard crypto assetsIn this Help Net Security video, Nick Percoco, Chief Security Officer at Kraken, explains why it's important for crypto holders to think about personal security as an ongoing, holistic process, and offers tips on how to safeguard crypto assets.
How to keep public cloud data secureIn this Help Net Security video, Amit Shaked, CEO at Laminar, talks about public cloud data security blind spots, and provides tips for organizations to elevate their level of security.
News URL
Related news
- Free, France’s second largest ISP, confirms data breach after leak (source)
- Interbank confirms data breach following failed extortion, data leak (source)
- Microsoft SharePoint RCE bug exploited to breach corporate network (source)
- How to Effectively Manage a Data Breach (source)
- Amazon confirms employee data breach after vendor hack (source)
- HIBP notifies 57 million people of Hot Topic data breach (source)
- Deepen your knowledge of Linux security (source)
- T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears (source)
- US space tech giant Maxar discloses employee data breach (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-07-19 | CVE-2022-35405 | Deserialization of Untrusted Data vulnerability in Zohocorp products Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution. | 9.8 |