El Martes de parches de Microsoft de junio de 2025 aborda 65 CVE (CVE-2025-33053)
Microsoft addresses 65 CVEs, including two zero-day vulnerabilities, with one being exploited in the wild....
Cómo utilizar las métricas basadas en el riesgo en un programa de gestión de exposición
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable security engineers Arnie Cabral and Jason Schavel share how you can use risk-based metrics. ...
Instantánea de ciberseguridad: Experts Issue Best Practices for Migrating to Post-Quantum Cryptography and for Improving Orgs’ Cyber Culture
Check out a new roadmap for adopting quantum-resistant cryptography. Plus, find out how your company can create a better cybersecurity environment. In addition, MITRE warns about protecting critical infrastructure from cyber war. And get the latest on exposure response strategies and on CISO compens...
Seguridad en la nube más robusta en cinco minutos: 3 formas rápidas de mejorar la seguridad de Kubernetes en GCP
In this fifth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we offer three best practices for quickly hardening your Kubernetes environment’s security in GCP: remove wide inbound access to cluster APIs; remove root permissions from containers; and remove privileged permissi...
Abuso de las extensiones del lado del cliente (CSE): una puerta trasera hacia su entorno de AD
Crucial for applying Active Directory Group Policy Objects, client-side extensions (CSEs) are powerful but also present a significant, often overlooked, attack vector for persistent backdoors. Rather than cover well-documented common abuses of built-in CSEs, this article demonstrates how to create c...
Preguntas frecuentes acerca de BadSuccessor
Frequently asked questions about “BadSuccessor,” a zero-day privilege escalation vulnerability in Active Directory domains with at least one Windows Server 2025 domain controller....
Yendo más allá de los silos con la gestión de exposición
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, Tenable’s chief security officer Robert Huber looks at how exposure management can help you move beyond silos....
Instantánea de ciberseguridad: New Standard for AI System Security Published, While Study Finds Cyber Teams Boost Value of Business Projects
Check out ETSI’s new global standard for securing AI systems and models. Plus, learn how CISOs and their teams add significant value to orgs’ major initiatives. In addition, discover what webinar attendees told Tenable about their cloud security challenges. And get the latest on properly decommissio...
Adelantarse al riesgo de la IA: qué sigue para Tenable
The acquisition of Apex Security adds a powerful new layer of visibility, context and control to the Tenable One Exposure Management Platform to govern usage, enforce policy and control exposure across both the AI that organizations use and the AI they build....
Where Capability Meets Opportunity: Introducing the Tenable Research Special Operations Team
Meet the elite squad that’s hunting the next major cyberattack. With more than 150 years of combined research experience and expert analysis, the Tenable Research Special Operations team arms organizations with the critical and actionable intelligence necessary to proactively defend the modern attac...
ICYMI: una retrospectiva de los aspectos destacados de Exposure Management Academy
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. This week, we look back on some highlights from the first couple of months of posts, including the broad view exposure management p...
Instantánea de ciberseguridad: AI Data Security Best Practices Released, While New Framework Seeks To Help IT Pros Gain Cyber Skills
Check out expert recommendations for protecting your AI system data. Plus, boost your IT department’s cybersecurity skills with a new interactive framework. In addition, learn about a malware campaign targeting critical infrastructure orgs. And get the latest on Russian cyber espionage and on a NIST...