CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare
Frequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare....
What it Takes to Start the Exposure Management Journey
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to make the shift from vulnerability management to exposure management. In this blog, Tenable Senior Staff Information Security Engineer Arnie Cabral, who is leading the company's internal expos...
Instantánea de ciberseguridad: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption
Check out key findings and insights from the “Tenable Cloud AI Risk Report 2025.” Plus, get fresh guidance on how to transition to quantum-resistant cryptography. In addition, find out how AI is radically transforming cyber crime. And get the latest on open source software security; cyber scams; and...
Selección del proveedor de seguridad en la nube adecuado: cinco puntos no negociables para proteger su nube
Protecting your cloud environment for the long term involves choosing a security partner whose priorities align with your needs. Here's what you need to know....
What Is Exposure Management and Why Does It Matter?
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In our first blog in this new series, we get you started with an overview of the differences between the two and explore how cyber ...
Instantánea de ciberseguridad: Medusa Ransomware Impacting Critical Infrastructure, CISA Warns, While NIST Selects New Quantum-Resistant Algorithm
Check out how to protect your org against the Medusa ransomware gang. Plus, another cryptographic algorithm designed to resist quantum attacks will be standardized. Meanwhile, Tenable did a deep dive on DeepSeek’s malware-creation capabilities. And get the latest on vulnerability prioritization; CIS...
DeepSeek Deep Dive Part 1: Creating Malware, Including Keyloggers and Ransomware
Tenable Research examines DeepSeek R1 and its capability to develop malware, such as a keylogger and ransomware. We found it provides a useful starting point, but requires additional prompting and debugging....
El Martes de parches de Microsoft de marzo de 2025 aborda 56 CVE (CVE-2025-26633, CVE-2025-24983 y CVE-2025-24993)
Microsoft addresses 56 CVEs, including seven zero-day flaws, with six of those being exploited in the wild....
Instantánea de ciberseguridad: CSA Outlines Data Security Challenges and Best Practices, While ISACA Offers Tips To Retain IT Pros
Check out best practices for shoring up data security and reducing cyber risk. Plus, get tips on how to improve job satisfaction among tech staff. Meanwhile, find out why Congress wants federal contractors to adopt vulnerability disclosure programs. And get the latest on cyber scams; zero-day vulner...
CVE-2025-22224, CVE-2025-22225, CVE-2025-22226: Zero-Day Vulnerabilities in VMware ESXi, Workstation and Fusion Exploited
Broadcom published an advisory for three flaws in several VMware products that were exploited in the wild as zero-days. Organizations are advised to apply the available patches....
Creación de roles personalizados elegantes de Azure: ¡Colocación de la no acción en acción!
Creating custom Roles in Azure can be a complex process that may yield long and unwieldy Role definitions that are difficult to manage. However, it doesn’t have to be that way. Read on to learn how you can simplify this process using the Azure “NotActions” and “NotDataActions” attributes, and create...
Instantánea de ciberseguridad: OpenSSF Unveils Framework for Securing Open Source Projects, While IT-ISAC Says AI Makes Ransomware Stealthier
Check out a new framework for better securing open source projects. Plus, learn how AI is making ransomware harder to detect and mitigate. In addition, find out the responsible AI challenges orgs face today. And get the latest on AI tool sprawl; ransomware trends; and much more!...