CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Vulnerability
Proof-of-concept exploit details are available for a newly disclosed critical vulnerability in Fortra GoAnywhere Managed File Transfer (MFT), a product historically targeted by ransomware...
CVE-2023-22527: Atlassian Confluence Data Center and Server Template Injection Exploited in the Wild
In the wild exploitation has begun for a recently disclosed, critical severity flaw in Atlassian Confluence Data Center and Server...
提升您的雲端安全策略
Learn how to better your cloud security program with these ten security resolutions. ...
網路安全概要: Critical Infrastructure Orgs Cautioned About Chinese Drones, While Water Plants Advised To Boost Incident Response
Find out why Uncle Sam is warning critical infrastructure facilities about drones made in China, while urging water treatment plants to beef up incident response plans. Plus, the challenges stressing out CISOs are also opening new doors for them. In addition, the latest on the Androxgh0st malware. A...
深入瞭解您的內部紀錄,以提高異常偵測與資安事端應變能力
Tenable Cloud Security enriches cloud activity log data to give you the context you need to quickly respond to and remediate cloud risks....
Tenable Cloud Security Now Supports the Generation of Pull Requests for Remediation Suggestions
The new capability is designed to make it more efficient for security teams to pass remediation recommendations on to the infrastructure team to implement. Here’s how it works....
Oracle 2024 年 1 月重大修補程式更新解決了 191 個 CVE
Oracle addresses 191 CVEs in its first quarterly update of 2024 with 389 patches, including 37 critical updates....
CVE-2023-6548、CVE-2023-6549:Citrix NetScaler ADC 和 NetScaler Gateway 中受到刺探利用的零時差弱點
Two zero-day vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway have been exploited in the wild. Urgent patching is required to address these flaws....
展望未來: 2024 年值得關注的 5 大雲端安全趨勢
生成式 AI 無疑將會大幅提高企業的網路安全功能。 但是,如果不先強制執行完善的雲端安全原則,網路安全部門可以從生成式 AI 得到的效益相當微小。 In this blog, we explain the top cloud security trends that organizations must track – an...
網路安全概要: 如何大幅提升 AI 系統的網路安全,同時將風險降至最低
Check out expert recommendations for deploying AI tools securely. Plus, the World Economic Forum ranks cyberattacks and AI misinformation among today’s top global risks. In addition, cyber insurance demand is forecast to grow robustly. And a warning about adversary-in-the-middle (AiTM) attacks and h...
CVE-2023-46805、CVE-2024-21887: Ivanti Connect Secure 和 Policy Secure Gateways 中受到刺探利用的零時差弱點
Two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure have been exploited in the wild, with at least one attack attributed to nation-state actors....
Microsoft 的 2024 年 1 月 Patch Tuesday 解決了 48 個 CVE (CVE-2024-20674)
Microsoft addresses 48 CVEs in its January 2024 Patch Tuesday release with no zero-day or publicly disclosed vulnerabilities....