Tenable 博客
Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)
網路安全快照: 随着加密货币欺诈急剧增加,俄罗斯支持的黑客对关键基础设施企业下手
Critical infrastructure operators must beware of Russian military hacking groups. Plus, cyber scammers are having a field day with crypto fraud. Meanwhile, AI and cloud vendors face stricter reporting regulations in the U.S. And get the latest on AI-model risk management and on cybersecurity…
Microsoft 2024 年 9 月补丁星期二修复了 79 个 CVE (CVE-2024-43491)
Microsoft addresses 79 CVEs with seven critical vulnerabilities and four zero-day vulnerabilities, including three that were exploited in the wild.
CVE-2021-20123、CVE-2021-20124:Tenable Research 发现的 DrayTek 漏洞已增加到 CISA KEV
With patches out for three years, attackers have set their sights on a pair of vulnerabilities affecting DrayTek VigorConnect.
網路安全快照: RansomHub Group Triggers CISA Warning, While FBI Says North Korean Hackers Are Targeting Crypto Orgs
Cybersecurity teams must beware of RansomHub, a surging RaaS gang. Plus, North Korea has unleashed sophisticated social-engineering schemes against crypto employees. Meanwhile, a new SANS report stresses the importance of protecting ICS and OT systems. And a Tenable poll sheds light on cloud-native…
網路安全快照: Schools Suffer Heavy Downtime Losses Due To Ransomware, as Banks Grapple with AI Challenges
The cost of ransomware downtime in schools gets pegged at $500K-plus per day. Meanwhile, check out the AI-usage risks threatening banks’ cyber resilience. Plus, Uncle Sam is warning about a dangerous Iran-backed hacking group. And get the latest on AI-system inventories, the APT29 nation-state…
AA24-241A:关于针对美国企业的伊朗网络攻击者的联合网络安全咨询
A joint Cybersecurity Advisory highlights Iran-based cyber actor ransomware activity targeting U.S. organizations. The advisory includes CVEs exploited, alongside techniques, tactics and procedures used by the threat actors.
The Data-Factor: Why Integrating DSPM Is Key to Your CNAPP Strategy
DSPM solutions provide a comprehensive, up-to-date view into cloud-based data and risk. An integrated CNAPP and DSPM solution elevates this analysis to expose toxic combinations and security gaps across cloud environments.
Secure Your Sprawling Attack Surface With Risk-based Vulnerability Management
The cloud, artificial intelligence (AI), machine learning and other technological breakthroughs are radically changing the modern work environment. New assets and services offer increased flexibility, growth potential and access to more resources. However, they also introduce new security risks…
通过 FCC Cybersecurity Pilot Program(FCC 网络安全试点计划为)K-12 学校和图书馆提供 2 亿美元网络安全资金
Empowering K-12 schools and libraries to strengthen their cybersecurity posture with new funding opportunities and best practices.
