Blog de Tenable
How Exposure Management Moves Beyond Vulnerability Scans to A Unified View of Risk
CVE-2023-20864: VMware Aria Operations para vulnerabilidad de deserialización de registros
VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8....
Instantánea de ciberseguridad: Lo último en seguridad de la cadena de suministro: distribución SBOM, fallas en código abierto y un nuevo marco de seguridad
Check out what CISA says about the sharing of software bills of materials. Plus, why you should tread carefully with open source components. Also, the SLSA supply chain security framework is ready. In addition, security worries hold back enterprise IoT adoption. And much more!...
Actualización de parche crítica de abril de 2023 de Oracle aborda 231 CVE
Oracle addresses 231 CVEs in its second quarterly update of 2023 with 433 patches, including 74 critical updates....
Siete Marcos normativos y de cumplimiento con amplias implicaciones para la seguridad en la nube
Security teams responsible for enforcing regulatory and compliance mandates in a scalable and consistent way are often challenged to translate general legislative guidelines and controls into specific policies, tools and processes....
Anunciamos los ganadores de los 2023 Tenable Assure Partner Awards
Celebrating the elite defenders who are helping organizations around the world reduce their cyber risk....
Tenable Cyber Watch: El FBI advierte de una sofisticada estafa de BEC, NIST revela su nuevo centro de recursos de IA y más
This week’s edition of the Tenable Cyber Watch unpacks the business email compromise scams (BEC) that are targeting vendors and explores NIST’s new AI Resource Center. Also covered: The most in-demand cybersecurity jobs for this year according to COMPTIA’s “State of the Tech Workforce Report” for 20...
Instantánea de ciberseguridad: Las preocupaciones por el ChatGPT se acumulan y el gobierno de los EE. UU. considera regular la IA
As ChatGPT security worries rise, the Biden administration looks at crafting AI policy controls. Plus, Samsung reportedly limits ChatGPT use after employees fed it proprietary data. Also, how password mis-management lets ex-staffers access employer accounts. In addition, the top identity and access ...
Agentes vs. sin agentes:¿qué solución es la adecuada para su entorno de nube pública?
You can scan cloud systems for security problems in multiple ways depending on what your instances are running, how long they’re up and whether or not they can run an agent or be accessed with administrative credentials. Network scanning, installed agents, or public cloud APIs can all report finding...
El Martes de parches de Microsoft de abril de 2023 aborda 97 CVE (CVE-2023-28252)
Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day....
