網路安全概要: SharePoint Attacks Trigger Urgent Patching Calls, While U.S. Gov’t Unveils AI Innovation Plan
Check out the latest on attackers’ cyber siege of SharePoint servers. Plus, the White House releases plan to spur AI innovation. In addition, CISA alerts orgs about Interlock ransomware. And get the latest on Q2's top malware; ransomware trends; and credentialed scanning.
縮小焦點: Tenable VPR 之增強功能及其與其他優先排序模型的比較
Tenable 為弱點優先順序評分 (VPR) 推出多項增強功能,包含更豐富的威脅情報、AI 驅動的洞察與可解釋性,以及背景資訊中繼資料。Learn how the improved prioritization effectiveness of the enhanced VPR compares to other common…
Tackling Shadow AI in Cloud Workloads
As enterprise adoption of cloud AI systems balloons, protecting them has become a priority. Shadow AI – the unsanctioned use of AI apps – has emerged as a particularly critical threat. Here we outline two best practices that can help you combat shadow AI in your cloud workloads.
Forrester 在 2025 年第 3 季 Unified Vulnerability Management Solutions Wave™ 報告中將 Tenable 評為領導者
“Tenable continues to extend its established vulnerability management offerings into exposure management with its Tenable One platform,” according to the report.
How Exposure Management Can Turn a Torrent of Data into Insight
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we look at the results of a survey taken during a recent Tenable webinar on the greatest cybersecurity challenges.
CVE-2025-53770: Frequently Asked Questions About Zero-Day SharePoint Vulnerability Exploitation
Successful exploitation of CVE-2025-53770 could expose MachineKey configuration details from a vulnerable SharePoint Server, ultimately enabling unauthenticated remote code execution.
CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild
A critical zero-day flaw in CrushFTP that can grant attackers administrator access was discovered on July 18 and is under active exploitation.
網路安全概要: AI Security Tools Embraced by Cyber Teams, Survey Finds, as Vulnerability Research Gets a Boost from UK Cyber Agency
Check out why AI security tools are turning into “must have” assets for cyber teams. Plus, get the details on the NCSC’s efforts to supercharge its bug hunting capabilities. Meanwhile, Tenable webinar attendees shared their experience securing machine identities. And get the latest on the crypto…
OCI, Oh My: Remote Code Execution on Oracle Cloud Shell and Code Editor Integrated Services
Tenable Research discovered a Remote Code Execution (RCE) vulnerability (now remediated) in Oracle Cloud Infrastructure (OCI) Code Editor. We demonstrated how an attacker could silently 1-click hijack a victim’s Cloud Shell environment and potentially pivot across OCI services. The vulnerability…
Oracle July 2025 Critical Patch Update Addresses 165 CVEs
Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates.
Understanding and Managing Cyber Risk: An Exposure Management FAQ for Business Leaders
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we answer some questions we’ve gotten recently the best way to determine, understand and communicate your risks.
網路安全概要: AI Security Field Gets Boost from New CSA Framework and from SANS - OWASP Partnership
Check out a new Cloud Security Alliance framework for securing AI systems. Plus, SANS Institute and OWASP are joining forces to deliver AI security controls. Meanwhile, Accenture finds orgs unprepared to counter AI-powered cyber attacks. And get the latest on the Iran cyber threat, SMB cyber…