網路安全概要: 要達到強大的雲端安全性,就要專注於設定
Check out the NCSC’s advice about proper configuration in cloud security. Plus, a detailed guide about LockBit ransomware. Also, don’t miss OWASP’s revised list of top API security risks. Plus, CISA’s warning about remote network management tools. And much more!...
CVE-2023-20887:網路指令插入的 VMware Aria 作業
VMware issues advisory to address three flaws in its VMware Aria Operations for Networks solution, including a critical command injection flaw assigned a CVSSv3 score of 9.8....
Microsoft 的 2023 年 6 月份 Patch Tuesday 解決了 70 個 CVE (CVE-2023-29357)
Microsoft addresses 70 CVEs in its June 2023 Patch Tuesday update including six rated as critical....
CVE-2023-27997: Heap-Based Buffer Overflow in Fortinet FortiOS and FortiProxy SSL-VPN (XORtigate)
Fortinet says a critical flaw in its SSL-VPN product may have been exploited in the wild in a limited number of cases. Organizations are strongly encouraged to apply these patches immediately....
Tenable 網路觀察:6 個關鍵且常見的網路錯誤觀念、大幅提升 IAM 安全性的最佳做法等等
This week’s edition of the Tenable Cyber Watch unpacks the six most critical and common cyber misconceptions and shares tips on how to better distribute software bills of materials. Also covered: the best practices to boost IAM security from CISA and the NSA. ...
網路安全概要: 您正在打造自己的 ChatGPT 嗎? 瞭解如何避免 AI 模型帶來的安全風險
Find out why cyber teams must get hip to AI security ASAP. Plus, check out the top risks of ChatGPT-like LLMs. Also, learn what this year’s Verizon DBIR says about BEC and ransomware. Plus, the latest trends on SaaS security. And much more!...
Mastering the Art of Kubernetes Security
With Kubernetes’ explosive adoption by the development community comes an urgent need to secure clusters and ensure their compliance effectively....
想要更深入瞭解曝險管理嗎?歡迎查看此 Gartner® 報告
At Tenable, we believe that you need exposure management to protect your modern attack surface. But it’s not just us. We feel the Gartner “Predicts 2023: Enterprises Must Expand from Threat to Exposure Management” report is required reading for cybersecurity teams adopting an exposure management pro...
Tenable 網路觀察:China’s ‘Volt Typhoon’ Targets U.S. Critical Infrastructure, BEC Attacks Skyrocket, and more
This week’s edition of the Tenable Cyber Watch unpacks the White House’s updates to its National AI R&D Strategic Plan and addresses the recent surge in business email compromise scams. Also covered: CISA’s warning about Volt Typhoon, the hackers backed by the Chinese government that have been targe...
CVE-2023-34362:MOVEIt Transfer 重大零時差弱點遭到猖獗利用
Discovery of a new zero-day vulnerability in MOVEit Transfer becomes the second zero-day disclosed in a managed file transfer solution in 2023, with reports suggesting that threat actors have stolen data from a number of organizations....
網路安全概要: AI 會把我們全都消滅掉嗎?您應如何大幅提升身分安全?您有採用雲端安全框架嗎?
Check out a hair-raising warning from AI experts. Plus, find out why securing identities is getting harder than ever – and how to fix it. Also, how a cloud security framework can help you – a lot. In addition, check out nifty SaaS security tips. And much more!...
Tenable 網路觀察:OpenAI 執行長赴國會聽證;認識暗網上受到最新 AI 訓練的 DarkBERT;以及更多
This week’s edition of the Tenable Cyber Watch unpacks Sam Altman’s testimony before Congress on AI risks and regulations, and addresses the importance of cyberattack victims speaking up after an attack. Also covered: An introduction to DarkBERT, the only AI trained on the Dark Web. ...