Tenable blog
The Keys to Implementing Exposure Management
CVE-2024-21762: الثغرة الأمنية الحرجة Fortinet FortiOS Out-of-Bound Write SSL VPN
Fortinet warns of “potentially” exploited flaw in the SSL VPN functionality of FortiOS, as government agencies warn of pre-positioning by Chinese state-sponsored threat actors in U.S. critical infrastructure through exploitation of known vulnerabilities...
دعم الأمن المائي: قادة الصناعة يدلون بشهادتهم أمام الكونجرس
The House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection recently brought together industry leaders and stakeholders to discuss the urgent need for protective measures, baseline cybersecurity standards and collaboration initiatives to fortify the nation’s critical wate...
Cybersecurity Snapshot: Critical Infrastructure Orgs Must Beware of China-backed Volt Typhoon, Cyber Agencies Warn
The Volt Typhoon hacking gang is stealthily breaching critical infrastructure IT environments so it can strike on behalf of the Chinese government, cyber agencies say. Plus, ransomware gangs netted $1 billion-plus in 2023. In addition, new group tasked with addressing the quantum computing threat dr...
حافظ على تدفق المياه لوزارة الدفاع: تأمين التكنولوجيا التشغيلية من الهجمات الإلكترونية
Malicious actors are ramping up attacks against water and wastewater systems (WWS), which are not only attractive targets but also complex to protect. اعتمدت Department of Defense (DoD) in particular operates a large number of WWS facilities. Read on to learn how a strong cybersecurity program can...
الأسئلة المتداولة حول الحوادث الأمنية في AnyDesk
Frequently asked questions relating to a security incident at AnyDesk that was publicly disclosed on February 2....
Cybersecurity Snapshot: Attackers Hack Routers To Hit Critical Infrastructure, as CISA Calls for More Secure Router Design
CISA is calling on router makers to improve security, because attackers like Volt Typhoon compromise routers to breach critical infrastructure systems. Meanwhile, data breaches hit an all-time high in the U.S. Plus, Italy says ChatGPT violates EU privacy laws. And a cyber expert calls on universitie...
ضعف أمان الهوية هو السبب الجذري للهجمات الدولية القومية ضد مايكروسوفت
ويُظهر الانتهاك الأخير الذي تعرضت له شركة مايكروسوفت مرة أخرى أن الاكتشاف والاستجابة ليسا كافيين. Because the source of an attack almost always boils down to a single overlooked user and permission, it’s critical for organizations to have strong preventive security....
CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893: Frequently Asked Questions for Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Frequently asked questions for five CVEs affecting Ivanti Connect Secure and Policy Secure Gateways, with three of the vulnerabilities having been exploited in the wild as zero-days....
الشركات الرائدة في مجال السحابة يتحدثون عن التحديات الرئيسية
Too many identities, systems and cooks in the kitchen cloud an already complex mandate....