Technology

Week in review: Revolut data breach, ManageEngine RCE bugs, free Linux security training courses – Help Net Security

Week in review: Revolut data breach, ManageEngine RCE bugs, free Linux security training courses - Help Net Security
Written by adrina

GTA 6 footage in development has been leaked
American video games publisher Rockstar Games has suffered an unfortunate data leak: someone has leaked online footage/videos in development for Grand Theft Auto (GTA) 6, the highly anticipated sequel to the popular game.

According to Uber, the Lapsus$ gang are behind the recent break-in
Uber has confirmed that the recent attack on its systems started with a contractor’s compromised account.

Python tarfile vulnerability affects 350,000 open source projects (CVE-2007-4559)
The Trellix Advanced Research Center published its research on CVE-2007-4559, a vulnerability estimated to be present in over 350,000 open source projects and widespread in closed source projects.

Revolut data breach: Over 50,000 users affected
Revolut, the fintech company behind the popular banking app of the same name, suffered a data breach that was followed by phishing attacks aimed at exploiting the situation.

US grants $1 billion to state, local and territorial governments to improve cyber resilience
The US government will award $1 billion in grants to help state, local and territorial (SLT) governments address cybersecurity risks, strengthen the cybersecurity of their critical infrastructure, and build cyber resilience against ongoing cyberthreats to guarantee.

The 25 most popular programming languages ​​and trends
CircleCI released the 2022 State of Software Delivery Report, which examines two years of data from more than a quarter billion workflows and nearly 50,000 organizations around the world, providing engineering teams with insights to understand how they can be more successful.

Critical ManageEngine RCE bug is exploited (CVE-2022-35405)
The US Agency for Cybersecurity and Infrastructure Security (CISA) has added CVE-2022-35405, a critical remote code execution vulnerability in ManageEngine PAM360, Password Manager Pro and Access Manager Plus, to its Known Exploited Vulnerabilities (KEV) catalog.

Securing the front of your Apple device with unified endpoint management
Apple has always touted the security and privacy features of its devices. Taking responsibility for both the hardware and the accompanying operating system has allowed Apple to take a cohesive approach to protecting users from some common attacks.

3 Free Linux Security Training Courses You Can Attend Now
Learning how to effectively navigate and interact with Linux can be an important part of your cybersecurity learning journey.

Bring cybersecurity to where people and data converge
Many data breaches occur within the organization, whether explicitly by employees or by threats that have infiltrated the network.

What you need to know about evil colon attacks
While novel attacks are emerging faster than TikTok trends, some measures justify action before they even had a chance to surface.

Mitigating the cybersecurity crisis for the upcoming school year
As students head back to the classroom, K-12 district leaders face the daunting task of preventing and containing cybersecurity threats against their districts.

High severity vulnerabilities found in Harbor open source artifact registry
Oxeye security researchers have uncovered several new high severity variants of IDOR (Insecure Director Object Reference) vulnerabilities (CVE-2022-31671, CVE-2022-31666, CVE-2022-31670, CVE-2022-31669, CVE-2022- 31667 ) in the CNCF-completed project Harbor, VMware’s popular open-source artifact registry.

The Impact of Location-Based Fraud
In this video from Help Net Security, Incognia CEO André Ferraz talks about the impact of location-based fraud, which is more prevalent than you might think, affecting different industries in a variety of ways.

The increase in attacks on critical infrastructure
In this Help Net Security video, Fleming Shi, CTO at Barracuda Networks, discusses the rise in attacks targeting critical infrastructure and how organizations are responding.

The use of open source software is slowing down for fear of vulnerabilities, compromises or risks
Anaconda has released its 2022 annual State of Data Science report, which reveals the widespread trends, opportunities, and perceived roadblocks facing the data science, machine learning (ML), and artificial intelligence (AI) industries.

Is $15.6 billion enough to protect critical infrastructure?
In this Help Net Security video, Jeffrey J. Engle, Chairman and President of Conquest Cyber, discusses why the increase in spending is necessary and whether it’s enough to protect critical infrastructure.

Agent-Based vs. Agentless Security: Pros and Cons
In this video from Help Net Security, Mark Nunnikhoven, Distinguished Cloud Strategist at Lacework, discusses agent-based vs. agentless security approaches.

What do SOC analysts need to be successful?
Gurucul announced the results of a Black Hat USA 2022 survey of security professionals, in which respondents said insider threats were the most difficult type of attack for SOC analysts to detect and that behavioral analytics was the most common technology they believe was missing and they planned to expand the SOC in the near future.

The Best Ways to Protect Crypto Assets
In this video from Help Net Security, Nick Percoco, Kraken’s Chief Security Officer, explains why it’s important for crypto owners to view personal security as an ongoing, holistic process and shares tips for protecting crypto assets.

The explosion of data is beyond human ability to handle
Dynatrace announced the results of an independent global survey of 1,303 CIOs and senior cloud and IT operations managers in large organizations showing that as the shift to cloud-native architectures accelerates, the data generated by such environments is increasing the capability of current solutions to create meaningful analyzes exceed .

Email-based threats: A pain point for businesses
In this video from Help Net Security, Igal Lytzki, Incident Response Analyst at Perception Point, talks about a recent Remcos RAT malware campaign and, more broadly, the threat that email-based threats and phishing pose to businesses.

How to protect public cloud data
In this video from Help Net Security, Amit Shaked, CEO of Laminar, talks about data security blind spots in public clouds and gives organizations tips on how to increase their security posture.

4 key takeaways from the webinar “XDR is the perfect solution for SMBs”.
Cyber ​​attacks on large companies dominate the headlines. You may be surprised to learn that small and medium-sized businesses (SMEs) are actually more common targets of cyberattacks. Many SMEs know this risk firsthand.

Infosec New Product of the Week: September 23, 2022
Here’s a look at the hottest products from the past week, including releases from 42Crunch, Cloudflare, Code42, Commvault, and Onfido.

#Week #review #Revolut #data #breach #ManageEngine #RCE #bugs #free #Linux #security #training #courses #Net #Security

 







About the author

adrina

Leave a Comment