Tenable 感到非常欣喜雀躍:我們在 2023 年獲得業界肯定的回顧
Respected analyst firms and industry experts once again validated the exceptional quality, innovation and performance of Tenable products....
Tenable 網路觀察:Promoting AI Safety and Security, White House AI Cyber Challenge, and more
This week’s edition of Tenable Cyber Watch unpacks why CISA urged AI vendors to apply secure by design practices to software products and takes a look back at some of the initiatives launched this past year to promote the safety and responsible use of AI. Also covered: How you could win millions in ...
建構 2024 年 OT 安全性的可能趨勢
Discover the transformative shifts reshaping Operational Technology (OT) security in an evolving threat landscape....
網路安全概要: 您想要安全地部署 AI 嗎?新的產業團體將彙編 AI 安全最佳做法
A group that includes the Cloud Security Alliance, CISA and Google is working to compile a comprehensive collection of best practices for secure AI use. Meanwhile, check out a draft of secure configuration recommendations for the Google Workspace suite. Plus, MITRE plans to release a threat model fo...
孩子們並不安全: Edulog 入口網站中的弱點暴露了幼稚園、小學和中學學生的所在位置資料
Tenable Research discovered security flaws in a popular transportation management app that allowed access to student location data. While these issues have been fixed, the findings again prove the importance of strong authentication and access control....
2023 年 Microsoft Patch Tuesday 年度評論
Microsoft addressed over 900 CVEs as part of Patch Tuesday releases in 2023, including over 20 zero-day vulnerabilities....
Microsoft 的 2023 年 12 月份 Patch Tuesday 解決了 33 個 CVE (CVE-2023-36019)
Microsoft addresses 33 CVEs in its December 2023 Patch Tuesday release, with no zero-day vulnerabilities disclosed this month....
Tenable 網路觀察:2023 年網路技能短缺、2023 年最吃香的網路技能等等
This week edition of Tenable Cyber Watch unpacks the 2023 cyber skills shortage and addresses the most sought-after cyber skills in 2023. Also covered: The most in-demand cybersecurity jobs from 2023 according to COMPTIA's "State of the Tech Workforce Report." Why did CISA urge AI vendors to ap...
如何應對 OT 挑戰:資產庫與弱點評估
The plurality of devices and protocols found in operational technology (OT) environments makes asset discovery and remediation a challenge. Here’s how Tenable OT Security can help....
網路安全概要: 在 OpenSSF 頒布安全軟體原則 (Secure Software Principles) 之際,CISA 呼籲軟體製造商使用可保障記憶體安全之程式語言
CISA is urging developers to stamp out memory vulnerabilities with memory safe programming languages. Meanwhile, the OpenSSF published 10 key principles for secure software development. Plus, malware used in fake browser-update attacks ballooned in Q3. In addition, a new program aims to boost the cy...
CVE-2023-4966 (CitrixBleed): Invalidate Active or Persistent Sessions To Prevent Further Compromise
Patching CitrixBleed isn’t enough; organizations need to invalidate active or persistent session tokens as the these tokens can be used to compromise networks and bypass authentication measures including multifactor authentication...
Tenable 網路觀察:CSA 發表零信任認證、CISA 更新了安全證明表單等等
This week’s edition of Tenable Cyber Watch unpacks CISA’s Security Attestation Form Draft and discusses CSA’s new Zero Trust Certification. Also covered: The FCC’s new pilot program that would help U.S. schools and libraries boost their cybersecurity. ...