Blog de Tenable

Puntos destacados

September 30, 2025

The Trifecta: How Three New Gemini Vulnerabilities in Cloud Assist, Search Model, and Browsing Allowed Private Data Exfiltration

Tenable Research discovered three vulnerabilities (now remediated) within Google’s Gemini AI assistant suite, which we dubbed the Gemini Trifecta. These vulnerabilities exposed users to severe privacy risks. They made Gemini vulnerable to: search-injection attacks on its Search Personalization Model; log-to-prompt injection attacks against Gemini Cloud Assist; and exfiltration of the user’s saved information and location data via the Gemini Browsing Tool.

Liv Matan

June 8, 2022

AWS, Azure and GCP: The Ultimate IAM Comparison

AWS vs. Azure vs. GCP — how do these cloud providers compare when it comes to IAM? Read on to find out.

El equipo de Tenable

June 8, 2022

So Many CVEs, So Little Time: Zero In and ‘Zero Click’ into the Current Vulnerability Landscape

Among the thousands of vulnerabilities disclosed so far in 2022, we highlight five and explain why they matter.

Giuliana Carullo

June 6, 2022

Bringing External Attack Surface Management to the Masses with Bit Discovery

External Attack Surface Management (EASM) is an essential foundation of cybersecurity best practices. Soon, you’ll be able to take advantage of automated attack surface discovery in Tenable products.

Nathan Dyer

June 3, 2022

CVE-2022-26134: Zero-Day Vulnerability in Atlassian Confluence Server and Data Center Exploited in the Wild

A critical vulnerability in Atlassian Confluence Server and Data Center has been exploited in the wild by multiple threat actors. Organizations should review and implement mitigation guidance until a patch becomes available.

Satnam Narang

June 1, 2022

How Can We Strengthen the Cybersecurity of Critical Infrastructure? Here Are My Suggestions for CISOs, Regulators, Vendors – and All Citizens

A year after the ransomware attack against the Colonial Pipeline, what can we do to further harden the IT and OT systems of power plants, fuel pipelines, water treatment plants and similar facilities?

Marty Edwards

Mayo de 31, 2022

CVE-2022-30190: Zero Click Zero Day in Microsoft Support Diagnostic Tool Exploited in the Wild

Microsoft confirms remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool that has been exploited in the wild since at least April.

Claire Tills

Mayo de 26, 2022

Twitter Crypto Scams: Bored Ape Yacht Club, Azuki and Other Projects Impersonated to Steal NFTs, Digital Currencies

Scammers are using verified and unverified accounts to impersonate notable NFT projects like Bored Ape Yacht Club and others, tagging Twitter users to drive them to phishing websites.

Satnam Narang

Mayo de 25, 2022

Security Improvements for Our Ecommerce Customers

We were recently informed by Kulkan Security of a design flaw in our third-party ecommerce fulfillment system, cleverbridge, that could have potentially allowed customers to accidentally disclose their purchasing information (i.e., last 4 digits of credit card used, credit card expiration date,…

Kerry Miller

Mayo de 25, 2022

6 Tips for Successfully Securing Your AWS Environment

Top six actions and practices you can take to protect your AWS environment today.

El equipo de Tenable

Plataforma de gestión de exposición Tenable One

Categorías de plataforma

Capacidades de plataforma

Exposición en la nube

Exposición de vulnerabilidades

AI Exposure

Exposición de OT/IoT

Exposición de identidades

Necesidades de negocios

Industrias

Cumplimiento

Sector público

El diferencial de Tenable

Comparar Tenable:

Recursos

Investigación

Socios de Tenable Assure

Otras oportunidades de socios

Soporte

Servicios

Tenable Trust

Acerca de nosotros

Medios de comunicación

Contáctenos

Únase a nosotros

Blog de Tenable

The Trifecta: How Three New Gemini Vulnerabilities in Cloud Assist, Search Model, and Browsing Allowed Private Data Exfiltration

AWS, Azure and GCP: The Ultimate IAM Comparison

So Many CVEs, So Little Time: Zero In and ‘Zero Click’ into the Current Vulnerability Landscape

Bringing External Attack Surface Management to the Masses with Bit Discovery

CVE-2022-26134: Zero-Day Vulnerability in Atlassian Confluence Server and Data Center Exploited in the Wild

How Can We Strengthen the Cybersecurity of Critical Infrastructure? Here Are My Suggestions for CISOs, Regulators, Vendors – and All Citizens

CVE-2022-30190: Zero Click Zero Day in Microsoft Support Diagnostic Tool Exploited in the Wild

Twitter Crypto Scams: Bored Ape Yacht Club, Azuki and Other Projects Impersonated to Steal NFTs, Digital Currencies

Security Improvements for Our Ecommerce Customers

6 Tips for Successfully Securing Your AWS Environment

Un vistazo al Ecosistema de ransomware

Blog de Tenable

Noticias de ciberseguridad que le son útiles

¡Gracias por suscribirse!

Un vistazo al Ecosistema de ransomware

Tenable Vulnerability Management

Tenable Vulnerability Management

Gracias

Tenable Vulnerability Management

Tenable Vulnerability Management

Gracias

Tenable Vulnerability Management

Tenable Vulnerability Management

Gracias

Probar Tenable Web App Scanning

Comprar Tenable Web App Scanning

Gracias

Solicite una demostración de Tenable Security Center

Solicite una demostración de Tenable OT Security

Solicitar demostración

Solicite una demostración de Tenable Cloud Security

Ver Tenable One en acción

Primeros pasos de Tenable AI Exposure

Vea a Tenable Attack Surface Management en acción

Obtener una demostración de Tenable Enclave Security

Gracias

Probar Tenable Nessus Professional gratuitamente

Comprar Tenable Nessus Professional

Probar Tenable Nessus Expert gratuitamente

Comprar Tenable Nessus Expert

Entérese de cómo Tenable ayuda a cumplir con los requisitos del Plan de Ciberseguridad SLCGP

Obtenga una demostración de Tenable Patch Management

Póngase en contacto con un representante de ventas

Ver
Tenable One
en acción