Blog de Tenable
New Malicious npm Package "ambar-src" Targets Developers with Open Source Malware
CVE-2022-3786 y CVE-2022-3602: OpenSSL coloca parches en dos vulnerabilidades de gravedad alta
OpenSSL has patched two vulnerabilities, pivoting from its earlier announcement, in version 3.0.7.
What You Should Know about the New OpenSSL Vulnerability
How to detect which OpenSSL version you’re running and if your organization is exposed to the critical OpenSSL vulnerabilities - CVE-2022-3602 (Remote Code Execution) and CVE-2022-3786 (Denial of Service) - and what to do about it.
Instantánea de ciberseguridad: Tips for cloud configs, MSP vetting, CISO board presentations
Get the latest on Microsoft 365 security configurations; effective CISO board presentations; rating MSPs’ cybersecurity preparedness; and hospitals’ Daixin cyberthreat.
IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals
Learn from the 2022 IBM report about the true cost of ransomware, compromised credentials and other breaches.
To Boost Software Supply Chain Security, Stop the Finger-Pointing
Google’s annual DevOps report finds that organizations with a low-blame, collaborative approach have stronger app dev security practices.
CVE-2021-39144: VMware Patches Critical Cloud Foundation Vulnerability in XStream Open Source Library
VMware issues patches for end-of-life versions of Cloud Foundation Network Security Virtualization for vSphere (NSX-V) to address a critical vulnerability in an open source library. Background On October 25, VMware published VMSA-2022-0027, an advisory for multiple vulnerabilities in its…
Instantánea de ciberseguridad: Seis cosas que importan ahora
Topics that are top of mind for the week ending Oct. 21 | The problem with Gen Zers and Millennials | Global shortage of cybersecurity pros worsens | An informal poll about attack surface growth | Password usage drops a bit | And much more!
Gestión de exposición: nuestra visión para proteger la superficie de ataque moderna
Securing today's complex and dynamic IT environments requires bringing together vulnerability management, web application security, cloud security, identity security, attack path analysis and external attack surface management to help you understand the full breadth and depth of your exposures.
Oracle October 2022 Critical Patch Update Addresses 179 CVEs
Oracle addresses 179 CVEs in its fourth and final quarterly update of 2022 with 370 patches, including 56 critical updates.