Tenable 部落格
Dynamic Objects in Active Directory: The Stealthy Threat
身分在網路攻擊的 5 個階段中扮演的角色
While credential abuse is a primary initial access vector, identity compromise plays a key role in most stages of a cyber attack. Here’s what you need to know — and how Tenable can help.
5 分鐘內加強雲端安全:How DSPM Helps You Discover, Classify and Secure All Your Data Assets
In this fourth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we turn our attention to securing cloud data, a complex endeavor as data grows exponentially and threats become more sophisticated. Check out five DSPM best practices to sharpen your cloud data security and…
How Exposure Management Can Efficiently and Effectively Improve Cyber Resilience for State and Local Governments
State and local governments must grapple with resource constraints even as they face increased demand for cybersecurity vigilance to protect critical infrastructure and essential services. Here’s how exposure management can help.
We’re Answering Your Exposure Management Questions
每週一,Tenable 曝險管理學院都會分享實用且貼近真實世界的指引,協助您從弱點管理成功轉向曝險管理。 In this Exposure Management Academy FAQ, we help CISOs understand exposure management, look at how advanced you might be and…
網路安全概要: Reports Highlight Promise and Peril of Open Source AI and of Emerging Cryptography Methods
Check out a study that outlines the risks and benefits of open-source AI tools. Meanwhile, the NCSC unpacks use cases for new, alternative encryption technologies. Plus, ISACA urges orgs to begin their post-quantum cryptography migration. And get the latest on assessing software products’ security;…
曝險管理的統一方法:全新推出 Tenable One 連接器和自訂的風險儀表板
有效风险暴露管理计划的关键是提供统一的可见性和上下文信息。Learn how the new Tenable One connectors and unified dashboards give you a comprehensive view of your attack surface, help you streamline decision-making and empower your teams to uncover hidden risks,…
CVE-2025-32756:在多個 Fortinet 產品中遭到猖獗刺探利用的零時差弱點
Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera.
CVE-2025-4427、CVE-2025-4428:Ivanti Endpoint Manager Mobile (EPMM) 遠端程式碼執行
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks
Microsoft 2025 年 5 月的 Patch Tuesday 解決了 71 個 CVE (CVE-2025-32701、CVE-2025-32706、CVE-2025-30400)
Microsoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild.
