MrBeast 诈骗:经过验证的帐户,DeepFakes 用于在 Impersonations 中在 YouTube 和 TikTok 上推广虚假赠品
MrBeast, the most popular YouTube creator as of October 2023, has been impersonated in a variety of scams on YouTube and TikTok, including a recent deepfake promoting a free iPhone giveaway...
CISA 将可通过蓝牙利用的漏洞添加到 KEV
Updated Oct. 5: As of Oct. 4, 2023, CISA has removed the five Owl Labs vulnerabilities from KEV. CISA notes that it "is continually collaborating with partners across government and the private sector. As a result of this collaboration, CISA has concluded that there is insufficient evidence to keep ...
Tenable 2023 年夺旗比赛:赢家为...
It's time to crown the winners of this year's Capture the Flag Event!...
使用服务定位协议 (SLP) 查找公开的管理接口
Exposed management interfaces are valuable entry points for attackers. CISA Binding Operational Directive 23-02 calls for getting them off the internet. Here’s a novel approach for finding some of these elusive devices using SLP....
CVSSv4 is Coming: What Security Pros Need To Know
The latest revision of the industry standard for ranking vulnerabilities has some changes that practitioners will find useful. Here, we'll discuss them, as well as Tenable' plans to implement the scoring system in its products....
想深入了解风险暴露管理吗?阅读此 Gartner® 报告
At Tenable, we believe that you need exposure management to protect your modern attack surface. But it’s not just us. We feel the Gartner “Predicts 2023: Enterprises Must Expand from Threat to Exposure Management” report is required reading for cybersecurity teams adopting an exposure management pro...
注意差距:等待 NVD 会给企业带来怎样的风险
This is the first of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. We explore the impact of that gap on an organization’s cyber risk and discuss how Tenable can help....
注意差距:现有的漏洞框架如何让企业暴露在风险之下
This is the second of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we explore how common industry frameworks leave security teams with blind spots — and dis...
注意差距:A Closer Look at the Vulnerabilities Disclosed in 2022
This is the third of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we take a closer look at the vulnerabilities disclosed in 2022 —and discuss how Tenable ca...
注意差距:A Closer Look at Eight Notable CVEs from 2022
This is the last of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we examine eight notable CVEs with significant gaps in disclosure timelines and discuss how...
What Security Leaders Need to Know About Security End of Life: How Tenable is Leading the Way
Handling end-of-life conditions for software and hardware products is complicated by different stages and definitions. Tenable is leading the way on defining these disparate vulnerabilities under a comprehensive Security End of Life framework that addresses the common risk exposure to our customers....
Tenable 2022 年威胁形势报告:通过解决已知漏洞减少风险暴露情况
Tenable’s annual analysis of the security and threat landscape offers guidance to help security professionals navigate the expanding attack surface....
