Unused Access Analyzer: A Leap Toward Least Privilege, Not the End of the Journey
AWS IAM Access Analyzer can now detect action-level unused permissions. It’s a great enhancement in the native toolbox to achieve least privilege — but if you need comprehensive entitlements management at scale you will probably need additional tooling and work. Find out why and what you can do to…
CVE-2024-21762: Vulnerabilidad crítica de escritura fuera de línea en SSL VPN de Fortinet FortiOS
Fortinet warns of “potentially” exploited flaw in the SSL VPN functionality of FortiOS, as government agencies warn of pre-positioning by Chinese state-sponsored threat actors in U.S. critical infrastructure through exploitation of known vulnerabilities
Shoring Up Water Security: Industry Leaders Testify Before Congress
The House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection recently brought together industry leaders and stakeholders to discuss the urgent need for protective measures, baseline cybersecurity standards and collaboration initiatives to fortify the nation’s critical…
Instantánea de ciberseguridad: Critical Infrastructure Orgs Must Beware of China-backed Volt Typhoon, Cyber Agencies Warn
The Volt Typhoon hacking gang is stealthily breaching critical infrastructure IT environments so it can strike on behalf of the Chinese government, cyber agencies say. Plus, ransomware gangs netted $1 billion-plus in 2023. In addition, new group tasked with addressing the quantum computing threat…
Keep the Water Flowing for the DoD: Securing Operational Technology from Cyberattacks
Malicious actors are ramping up attacks against water and wastewater systems (WWS), which are not only attractive targets but also complex to protect. El Department of Defense (DoD) in particular operates a large number of WWS facilities. Read on to learn how a strong cybersecurity program…
Preguntas frecuentes sobre incidente de seguridad en AnyDesk
Frequently asked questions relating to a security incident at AnyDesk that was publicly disclosed on February 2.
Instantánea de ciberseguridad: Attackers Hack Routers To Hit Critical Infrastructure, as CISA Calls for More Secure Router Design
CISA is calling on router makers to improve security, because attackers like Volt Typhoon compromise routers to breach critical infrastructure systems. Meanwhile, data breaches hit an all-time high in the U.S. Plus, Italy says ChatGPT violates EU privacy laws. And a cyber expert calls on…
La mala higiene de identidades es la raíz del ataque de estado nación contra Microsoft
La última filtración de datos sufrida por Microsoft muestra una vez más que la detección y la respuesta no son suficientes. Debido a que el origen de un ataque casi siempre se limita a un único usuario y permisos pasados por alto, es imprescindible que las organizaciones cuenten con una seguridad preventiva robusta.
CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893: Frequently Asked Questions for Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Frequently asked questions for five CVEs affecting Ivanti Connect Secure and Policy Secure Gateways, with three of the vulnerabilities having been exploited in the wild as zero-days.
Los líderes de seguridad en la nube hablan de los desafíos clave
Demasiadas identidades, sistemas y personas trabajando en la nube en un cargo que ya es de por sí complejo.
¿No es una cinta negra en análisis de ruta de ataque? Tenable ExposureAI le ayuda a obtener seguridad proactiva
With attacks becoming more sophisticated, security teams must spend more time analyzing different entry points into the organization, as well as numerous tactics, techniques and procedures. Find out how Tenable ExposureAI helps you overcome these challenges and enhances your efficiency and…
Instantánea de ciberseguridad: New Guide Details How To Use AI Securely, as CERT Honcho Tells CISOs To Sharpen AI Security Skills Pronto
Cyber agencies from multiple countries published a joint guide on using artificial intelligence safely. Meanwhile, CERT’s director says AI is the top skill for CISOs to have in 2024. Plus, the UK’s NCSC forecasts how AI will supercharge cyberattacks. And a global survey shows cyber pros weighing…
Contact our sales team