Security News > 2022 > December > Week in review: Log4Shell lingers, NIS2 directive adopted, LastPass breached (again)
Pre-auth RCE in Oracle Fusion Middleware exploited in the wildA pre-authentication RCE flaw in Oracle Access Manager that has been fixed in January 2022 is being exploited by attackers in the wild, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities Catalog.
LastPass, GoTo announce security incidentLastPass and its affiliate GoTo have announced that they suffered a security incident and, in LastPass' case, a possible data breach.
Cloud security starts with zero trustIn this interview for Help Net Security, Mark Ruchie, CISO at Entrust, talks about cloud security and how zero trust should be implemented to guarantee overall cloud protection.
The cybersecurity trends organizations will soon be dealing withIn this interview with Help net Security, Brad Jones, VP of Information Security at Seagate Technology, talks about cybersecurity trends organizations will be dealing with soon, particularly concerning cloud misconfiguration, data classification, software vulnerabilities, and the cybersecurity skills gap.
Many Global 2000 companies lack proper domain securityCSC released its third annual Domain Security Report that found three out of four Forbes Global 2000 companies have not adopted key domain security measures-exposing them to high risk of security threats.
Don't ignore the security risks of limitless cloud dataOver the past two decades, technology has evolved to make it easy and affordable for companies to collect, store and use massive amounts of data.