مدونة Tenable
Introducing Tenable One AI Exposure: A New Standard for Securing AI Usage at Scale
كيف تعمل إدارة الثغرات الأمنية القائمة على المخاطر على تعزيز وضع الأمان في بيئة تكنولوجيا المعلومات الحديثة لديك
وقد تبدو عمليات تقييم الثغرات الأمنية وإدارة الثغرات الأمنية متشابهة - ولكنها ليست كذلك. As a new Enterprise Strategy Group white paper explains, it’s key to understand their differences and to shift from ad-hoc vulnerability assessments to continuous, risk-based vulnerability management (RBVM)…
Microsoft’s July 2024 Patch Tuesday Addresses 138 CVEs (CVE-2024-38080, CVE-2024-38112)
Microsoft addresses 138 CVEs in its July 2024 Patch Tuesday release, with five critical vulnerabilities and three zero-day vulnerabilities, two of which were exploited in the wild.
كيف يمكن لثغرة regreSSHion أن تؤثر على بيئة السحابة التي لديك
With growing concern over the recently disclosed regreSSHion vulnerability, we’re explaining here what it is, why it’s so significant, what it could mean for your cloud environment and how Tenable Cloud Security can help.
Cybersecurity Snapshot: Malicious Versions of Cobalt Strike Taken Down, While Microsoft Notifies More Orgs About Midnight Blizzard Email Breach
Check out the results of a multinational operation against illegal instances of Cobalt Strike. Plus, more organizations are learning that Midnight Blizzard accessed their email exchanges with Microsoft. Meanwhile, Carnegie Mellon has a new report about how to fix and mitigate API vulnerabilities…
Cybersecurity Snapshot: Memory Bugs Pervasive in Open Source SW, While Car Dealership Chaos Persists After Ransomware Attack
Check out why memory vulnerabilities are widespread in open source projects. Plus, get the latest on the ransomware attack that’s disrupted car sales in North America. In addition, find out why a majority of organizations grew their cyber budgets this year. And learn how confidential data from U.S…
Tag, You’re IT! Tagging Your Way to Cloud Security Excellence
To manage your cloud resources effectively and securely, you need to consistently tag assets across all your cloud platforms. Here we explain tagging’s main benefits, as well as proven strategies and best practices for tagging success.
CVE-2024-5806: ثغرة تجاوز مصادقة نقل Progress MOVEit
Progress Software has patched a high severity authentication bypass in the MOVEit managed file transfer (MFT) solution. As MOVEit has been a popular target for ransomware gangs and other threat actors, we strongly recommend prioritizing patching of this vulnerability.
Understanding Customer Managed Encryption Keys (CMKs) in AWS, Azure and GCP: A Comparative Insight
Explore critical differences in handling customer-managed encryption keys (CMKs) across AWS, Azure and GCP to avoid security misconfigurations and protect your data effectively.
CVE-2024-28995: تم استغلال ثغرة في عبور مسار/دليل Serv-U في SolarWinds
Following the publication of proof-of-concept exploit details for a high-severity flaw in SolarWinds Serv-U, researchers have observed both automated and manual in-the-wild exploitation attempts; patching is strongly advised.
الاتصال بفريق المبيعات