Tenable 部落格
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
The Default Toxic Combination of GCP Compute Engine Instances
By default, compute instances in GCP are prone to a toxic combination that you should be aware of, and can avoid and fix....
OT 航運安全:前方是波濤洶湧、抑或是一帆風順?
海運業的網路安全正在經歷重大變動。互相連接的船舶與新技術提高了海運業的效率,同時也增加了網路風險。Here's what you need to know about the challenges and risks these floating cities face —...
How Exposure Management Can Make Pen Testing More Effective
Pen testing needs to be supplemented with a routine vulnerability scanning schedule to pick up changes that may introduce vulnerabilities over time, to improve efficiencies in the overall process and to reduce the overhead costs in the penetration testing process....
降低廠房風險的務實方法
在製造業工作場所中有許多網路安全雜訊,您該從何著手?讓我們化繁為簡,先瞭解攻擊者行動背後的原因、以及您可以怎麼做來阻止他們。重點就在於降低風險,以及讓您付出的心力發揮最佳成效。 Read on to learn mor...
CVSSv4 is Coming: What Security Pros Need To Know
The latest revision of the industry standard for ranking vulnerabilities has some changes that practitioners will find useful. Here, we'll discuss them, as well as Tenable' plans to implement the scoring system in its products....
Tenable 網路觀察:Verizon 的資料外洩調查報告 (DBIR) 針對商務電子郵件入侵 (BEC) 以及勒索軟體發出警示、雲端安全成為資安長的頭號隱憂,以及更多資安要點
This week’s edition of the Tenable Cyber Watch unpacks Verizon’s DBIR 2023 report and its warnings about the rise in BEC scams and ransomware attacks and addresses the greatest areas of concerns for cybersecurity leaders. Also covered: why app stores may soon be required to disclose their apps’ coun...
CVE-2023-33299: FortiNAC 出現嚴重的遠端程式碼執行弱點
Fortinet has released a patch fixing a remote code execution vulnerability in several versions of FortiNAC...
網路安全概要: As Feds Hunt CL0P Gang, Check Out Tips on Ransomware Response, Secure Cloud Management and Cloud App Data Privacy
Learn all about the U.S. government’s reward for CL0P ransomware leads. Plus, check out ransomware incident response recommendations. Also, review concrete guidance on cloud system administration and on designing cloud apps with privacy by default. And much more!...
Shared Responsibility Model in the Cloud
CSPs have embraced a shared responsibility model to define the security responsibilities for different components of the architecture....
