Scams Exploit COVID-19 Giveaways Via Venmo, PayPal and Cash App
The economic impact of COVID-19, which is causing record unemployment, creates a golden opportunity for scammers looking to target vulnerable people desperate for cash to help pay their bills.As Cash App steps up the frequency of its giveaways, and celebrities and other notable figures launch giveaw...
什么是 VPR?它与 CVSS 有什么区别?
This blog series will provide an in-depth discussion of vulnerability priority rating (VPR) from a number of different perspectives. Part one will focus on the distinguishing characteristics of VPR that make it a more suitable tool for prioritizing remediation efforts than the Common Vulnerability S...
CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487)
Several proof-of-concept exploit scripts for recently patched flaw in Apache Tomcat are now available.BackgroundOn February 20, China National Vulnerability Database (CNVD) published a security advisory for CNVD-2020-10487, a severe vulnerability in Apache Tomcat’s Apache JServ Protocol (or AJP). AJ...
Am I Smart or Just Lucky? Understanding Your Process Integrity Risk with Tenable Lumin
Business system risk and process integrity risk are two essential metrics for a mature risk-based vulnerability management practice. With new assessment maturity scoring, Tenable Lumin now gives you insights into both. Risk-based vulnerability management requires metrics addressing two types of r...
现金应用程序欺诈:先用赠品诱惑 Instagram 用户,然后通过 YouTube 视频承诺轻松的赚钱渠道
Cash App scammers are targeting users on Instagram and YouTube. Here’s what you need to know about their tactics — and how to avoid being conned.In part one of our two-part series on Cash App scammers, I explored how promotional tactics used by the popular person-to-person (P2P) payment service...
如何选择合适的漏洞管理解决方案
As vulnerability management evolves, organizations are seeing increased need for prioritization, benchmarking and flexible reporting. Here are five things to keep in mind when choosing a vulnerability management solution.Vulnerability management is once again rising to the top of the security agenda...
Tenable Lumin:将漏洞管理转化为业务语言
With Tenable Lumin, we’re giving customers a bridge between the language of vulnerability management and the language of business. In our work here at Tenable, we often hear from our CISO customers about the dual challenges they face: How to help business executives and the board unde...
How To: Run Your First Vulnerability Scan with Nessus
Get your Nessus vulnerability assessment tool up and running with these five easy steps.With Nessus, you can gain full visibility into your network by conducting a vulnerability assessment. Read on as we guide you through the five steps to run your first Nessus scan. (If you have not yet installed N...
漏洞管理基础:您需要了解的要点
In part one of our five-part series on vulnerability management fundamentals, we explore the four stages of the Cyber Exposure lifecycle. ...
安全团队:关于漏洞响应,您需要了解的要点
Tenable’s Predictive Prioritization leverages data science and machine learning to make it easier for cybersecurity teams to find, patch and remediate vulnerabilities. Week after week, critical vulnerabilities in enterprise software are found and published, sending security teams off ...
Nessus Home Is Now Nessus Essentials
We’ve given Nessus Home a refresh, and we’re excited to share with you the new and updated free vulnerability assessment solution, Nessus Essentials. As part of the Nessus family, Nessus Essentials is a free vulnerability assessment solution for up to 16 IPs that provides an entry point into th...
摆脱电子表格,漏洞管理攻防战更上层楼
从 Nessus Pro 迁移到 Tenable.sc 或 Tenable.io,可轻松帮助完善漏洞管理计划。以下是需要了解的信息。漏洞管理工作流在任何环节用到电子表格了吗?如果是这样,那就该纠正一下了。Well, maybe not wrong per se, but defini...
