Tenable 博客
網路安全快照: Cyber Pros Emerge as Bold AI Adopters, While AI Changes Data Security Game, CSA Reports Say
CVE-2024-21762:严重的 Fortinet FortiOS 越界写入 SSL VPN 漏洞
Fortinet warns of “potentially” exploited flaw in the SSL VPN functionality of FortiOS, as government agencies warn of pre-positioning by Chinese state-sponsored threat actors in U.S. critical infrastructure through exploitation of known vulnerabilities
Shoring Up Water Security: Industry Leaders Testify Before Congress
The House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection recently brought together industry leaders and stakeholders to discuss the urgent need for protective measures, baseline cybersecurity standards and collaboration initiatives to fortify the nation’s critical…
網路安全快照: Critical Infrastructure Orgs Must Beware of China-backed Volt Typhoon, Cyber Agencies Warn
The Volt Typhoon hacking gang is stealthily breaching critical infrastructure IT environments so it can strike on behalf of the Chinese government, cyber agencies say. Plus, ransomware gangs netted $1 billion-plus in 2023. In addition, new group tasked with addressing the quantum computing threat…
Keep the Water Flowing for the DoD: Securing Operational Technology from Cyberattacks
Malicious actors are ramping up attacks against water and wastewater systems (WWS), which are not only attractive targets but also complex to protect. 美国Department of Defense (DoD) in particular operates a large number of WWS facilities. Read on to learn how a strong cybersecurity program…
有关 AnyDesk 安全事件的常见问题
Frequently asked questions relating to a security incident at AnyDesk that was publicly disclosed on February 2.
網路安全快照: Attackers Hack Routers To Hit Critical Infrastructure, as CISA Calls for More Secure Router Design
CISA is calling on router makers to improve security, because attackers like Volt Typhoon compromise routers to breach critical infrastructure systems. Meanwhile, data breaches hit an all-time high in the U.S. Plus, Italy says ChatGPT violates EU privacy laws. And a cyber expert calls on…
不良身份安全机制是 Microsoft 遭集权国家攻击的根源
Microsoft 遭遇的这起最新泄露事件再次表明,光靠检测与响应是不够的。这是因为攻击来源几乎都归结于一个疏忽的用户和权限,因而对企业而言,拥有强大的预防性安全措施至关重要。
CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893: Frequently Asked Questions for Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Frequently asked questions for five CVEs affecting Ivanti Connect Secure and Policy Secure Gateways, with three of the vulnerabilities having been exploited in the wild as zero-days.
联系我们的销售团队