Blog de Tenable
Dynamic Objects in Active Directory: The Stealthy Threat
Assess Log4Shell Like an Attacker With Tenable’s Dynamic Detections
Defenders need to pull out all the stops when it comes to Log4Shell. Tenable provides dynamic remote Log4Shell vulnerability detections to incorporate the attacker’s perspective of your organization.
CVE-2021-44228, CVE-2021-45046, CVE-2021-4104: preguntas frecuentes acerca de Log4Shell y vulnerabilidades asociadas
Una lista de preguntas frecuentes relacionadas con Log4Shell y vulnerabilidades asociadas
Microsoft’s December 2021 Patch Tuesday Addresses 67 CVEs (CVE-2021-43890)
Microsoft addresses 67 CVEs in its December 2021 Patch Tuesday release, including a zero-day vulnerability that has been exploited in the wild.
Log4Shell: cinco pasos que la comunidad de TO debe emprender ahora mismo
Operational technology (OT) environments are equally at risk from the Apache Log4j flaw. Here's what you can do today.
Falla de Apache Log4j: El fantasma de Fukushima en el sector de ciberseguridad
Organizations around the world will be dealing with the long-tail consequences of this vulnerability, known as Log4Shell, for years to come.
La falla en Apache Log4j coloca al software de terceros bajo los reflectores
Even in the most mature organizations, addressing the issue, also known as Log4Shell, requires a complex mix of software development practices, vulnerability management and web application scanning.
CVE-2021-44228: prueba de concepto para ejecución de código remota crítica de Apache Log4j disponible (Log4Shell)
Una vulnerabilidad crítica en la popular biblioteca de registros Log4j 2 afecta a diversos servicios y aplicaciones, incluyendo Minecraft, Steam y Apple iCloud. Los atacantes han comenzado a escanear e intentar explotar activamente la falla.
How to Start Up Your Cloud Security
Startups may think they can postpone implementing a cloud security program but should in fact take early action — here’s why, and easy steps for doing so.
Presentación de Tenable.cs: ciclo de vida completo, seguridad nativa en la nube
La nueva oferta amplía la plataforma recientemente adquirida de Accurics para permitir DevSecOps y aceleración de la detección (Shift Left) en la seguridad, con controles integrados para flujos de trabajo de desarrollo y tiempo de ejecución centrados en Infrastructure as Code (IaC).