Blog de Tenable
Instantánea de ciberseguridad: AI Security Trails AI Usage, Putting Data at Risk, IBM Warns, as OWASP Tackles Agentic AI App Security
CVE-2023-20887: VMware Aria Operations para inyección de comandos de redes
VMware issues advisory to address three flaws in its VMware Aria Operations for Networks solution, including a critical command injection flaw assigned a CVSSv3 score of 9.8....
El Martes de parches de Microsoft de junio de 2023 aborda 70 CVE (CVE-2023-29357)
Microsoft addresses 70 CVEs in its June 2023 Patch Tuesday update including six rated as critical....
CVE-2023-27997: Desbordamiento de búfer basado en la pila en Fortinet FortiOS y FortiProxy SSL-VPN (XORtigate)
Fortinet says a critical flaw in its SSL-VPN product may have been exploited in the wild in a limited number of cases. Organizations are strongly encouraged to apply these patches immediately....
Tenable Cyber Watch: Seis conceptos cibernéticos erróneos críticos y comunes, mejores prácticas para aumentar la seguridad de IAM y más
This week’s edition of the Tenable Cyber Watch unpacks the six most critical and common cyber misconceptions and shares tips on how to better distribute software bills of materials. Also covered: the best practices to boost IAM security from CISA and the NSA. ...
Instantánea de ciberseguridad: ¿Genera su propio ChatGPT? Aprenda cómo evitar los riesgos para la seguridad de los modelos de IA
Find out why cyber teams must get hip to AI security ASAP. Plus, check out the top risks of ChatGPT-like LLMs. Also, learn what this year’s Verizon DBIR says about BEC and ransomware. Plus, the latest trends on SaaS security. And much more!...
Mastering the Art of Kubernetes Security
With Kubernetes’ explosive adoption by the development community comes an urgent need to secure clusters and ensure their compliance effectively....
¿Quiere saber más acerca de la gestión de exposición? Vea este informe de Gartner®
At Tenable, we believe that you need exposure management to protect your modern attack surface. But it’s not just us. We feel the Gartner “Predicts 2023: Enterprises Must Expand from Threat to Exposure Management” report is required reading for cybersecurity teams adopting an exposure management pro...
Tenable Cyber Watch: El ‘Volt Typhoon’ chino es usado para atacar a los EE. UU. Infraestructura crítica, los ataques BEC se disparan y más
This week’s edition of the Tenable Cyber Watch unpacks the White House’s updates to its National AI R&D Strategic Plan and addresses the recent surge in business email compromise scams. Also covered: CISA’s warning about Volt Typhoon, the hackers backed by the Chinese government that have been targe...
CVE-2023-34362: MOVEIt Transfer, vulnerabilidad de día cero crítica explotada en la realidad
Discovery of a new zero-day vulnerability in MOVEit Transfer becomes the second zero-day disclosed in a managed file transfer solution in 2023, with reports suggesting that threat actors have stolen data from a number of organizations....