Security News > 2022 > September > Week in review: Revolut data breach, ManageEngine RCE flaw, free Linux security training courses

Week in review: Revolut data breach, ManageEngine RCE flaw, free Linux security training courses
2022-09-25 08:30

Critical ManageEngine RCE flaw is being exploitedThe US Cybersecurity and Infrastructure Security Agency has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro, and Access Manager Plus, to its Known Exploited Vulnerabilities Catalog.

3 free Linux security training courses you can take right nowLearning how to effectively navigate and interact with Linux can be an important part of your learning journey in cybersecurity.

High severity vulnerabilities found in Harbor open-source artifact registryOxeye security researchers have uncovered several new high severity variants of the IDOR vulnerabilities in CNCF-graduated project Harbor, the popular open-source artifact registry by VMware.

Agent-based vs. agentless security: Pros and consIn this Help Net Security video, Mark Nunnikhoven, Distinguished Cloud Strategist at Lacework, discusses agent-based vs. agentless approaches in security.

The best ways to safeguard crypto assetsIn this Help Net Security video, Nick Percoco, Chief Security Officer at Kraken, explains why it's important for crypto holders to think about personal security as an ongoing, holistic process, and offers tips on how to safeguard crypto assets.

How to keep public cloud data secureIn this Help Net Security video, Amit Shaked, CEO at Laminar, talks about public cloud data security blind spots, and provides tips for organizations to elevate their level of security.


News URL

https://www.helpnetsecurity.com/2022/09/25/week-in-review-revolut-data-breach-manageengine-rce-flaw-free-linux-security-training-courses/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-07-19 CVE-2022-35405 Deserialization of Untrusted Data vulnerability in Zohocorp products
Zoho ManageEngine Password Manager Pro before 12101 and PAM360 before 5510 are vulnerable to unauthenticated remote code execution.
network
low complexity
zohocorp CWE-502
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Linux 11 64 2532 1569 67 4232
Manageengine 9 0 3 4 3 10
Free 9 0 3 1 3 7