Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable 部落格

訂閱

網路安全概要: RansomHub Group Triggers CISA Warning, While FBI Says North Korean Hackers Are Targeting Crypto Orgs

September 6, 2024
Cybersecurity teams must beware of RansomHub, a surging RaaS gang. Plus, North Korea has unleashed sophisticated social-engineering schemes against crypto employees. Meanwhile, a new SANS report stresses the importance of protecting ICS and OT systems. And a Tenable poll sheds light on cloud-native VM. 還有更多內容等您探索!

網路安全概要: Schools Suffer Heavy Downtime Losses Due To Ransomware, as Banks Grapple with AI Challenges

August 30, 2024

The cost of ransomware downtime in schools gets pegged at $500K-plus per day. Meanwhile, check out the AI-usage risks threatening banks’ cyber resilience. Plus, Uncle Sam is warning about a dangerous Iran-backed hacking group. And get the latest on AI-system inventories, the APT29 nation-state attacker and digital identity security!

AA24-241A:有關位於伊朗的網路攻擊者鎖定美國企業組織的聯合網路安全公告

August 28, 2024

A joint Cybersecurity Advisory highlights Iran-based cyber actor ransomware activity targeting U.S. organizations. The advisory includes CVEs exploited, alongside techniques, tactics and procedures used by the threat actors.

The Data-Factor: Why Integrating DSPM Is Key to Your CNAPP Strategy

August 28, 2024

DSPM solutions provide a comprehensive, up-to-date view into cloud-based data and risk. An integrated CNAPP and DSPM solution elevates this analysis to expose toxic combinations and security gaps across cloud environments.

Secure Your Sprawling Attack Surface With Risk-based Vulnerability Management

August 27, 2024

The cloud, artificial intelligence (AI), machine learning and other technological breakthroughs are radically changing the modern work environment. New assets and services offer increased flexibility, growth potential and access to more resources. However, they also introduce new security risks. Managing vulnerabilities across this ever-expanding threat landscape requires a risk-based approach beyond point solutions and reactive patch management.

透過 FCC Cybersecurity Pilot Program 已提供 K-12 學校和圖書館 $2 億美元的網路安全經費

August 27, 2024

Empowering K-12 schools and libraries to strengthen their cybersecurity posture with new funding opportunities and best practices.

CISA Finding: 90% of Initial Access to Critical Infrastructure Is Gained Via Identity Compromise. What Can You Do About It?

August 26, 2024

Conventional wisdom suggests the keys to protect critical infrastructure against cyberattacks are network segmentation and OT security. But continued breaches imply those methods alone fall short. In fact, a CISA probe of 121 critical infrastructure networks found that their weakest link is identity compromise. Learn how to leverage an attacker’s perspective to better secure critical infrastructure.

網路安全概要: Guide Unpacks Event-Logging Best Practices, as FAA Proposes Stronger Cyber Rules for Airplanes

August 23, 2024

Looking to sharpen your team’s event logging and threat detection? A new guide offers plenty of best practices. Plus, the FAA wants airplanes to be more resilient to cyberattacks. Meanwhile, check out the critical vulnerabilities Tenable discovered in two Microsoft AI products. And get the latest on ransomware trends, vulnerability management practices and election security!

SSRFing the Web with the Help of Copilot Studio

August 20, 2024

Tenable Research discovered a critical information-disclosure vulnerability in Microsoft’s Copilot Studio via a server-side request forgery (SSRF), which allowed researchers access to potentially sensitive information regarding service internals with potential cross-tenant impact.

網路安全概要: First Quantum-resistant Algorithms Ready for Use, While New AI Risks’ Database Is Unveiled

August 16, 2024

NIST has released the first encryption algorithms that can protect data against quantum attacks. Plus, MIT launched a new database of AI risks. Meanwhile, the CSA published a paper outlining the unique risks involved in building systems that use LLMs. And get the latest on Q2’s most prevalent malware, the Radar/Dispossessor ransomware gang and CVE severity assessments!

CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability

August 14, 2024

Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available

Microsoft’s August 2024 Patch Tuesday Addresses 88 CVEs

August 13, 2024

Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.

Compromising Microsoft's AI Healthcare Chatbot Service

August 13, 2024

Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.

一窺勒索軟體生態系統究竟

下載報告 >

您可以利用的網路安全最新消息

輸入您的電子郵件,就不會錯過來自 Tenable 專家提供的及時警示與安全指引。

Tenable Vulnerability Management

享受現代、雲端型的弱點管理平台,能夠以無與倫比的準確性查看和追蹤所有資產。

您的 Tenable Vulnerability Management 試用版軟體也包含 Tenable Lumin 和 Tenable Web App Scanning。

Tenable Vulnerability Management

享受現代、雲端型的弱點管理平台,使您能夠以無與倫比的準確性查看和追蹤所有資產。 立即訂閱一年。

100 項資產

選取您的訂閱選項:

立即購買

Tenable Vulnerability Management

享受現代、雲端型的弱點管理平台,能夠以無與倫比的準確性查看和追蹤所有資產。

您的 Tenable Vulnerability Management 試用版軟體也包含 Tenable Lumin 和 Tenable Web App Scanning。

Tenable Vulnerability Management

享受現代、雲端型的弱點管理平台,使您能夠以無與倫比的準確性查看和追蹤所有資產。 立即訂閱一年。

100 項資產

選取您的訂閱選項:

立即購買