Tenable 博客
New Tenable Report: How Complexity and Weak AI Security Put Cloud Environments at Risk
CVE-2022-47939: Critical RCE Vulnerability in Linux Kernel
A critical remote code execution vulnerability in the Linux kernel has been publicly disclosed by Trend Micro's Zero Day Initiative in its ZDI-22-1690 advisory. The vulnerability has been given a CVSSv3 of 10.0. There are no reports of active exploitation.
網路安全快照: Tenable 对 2023 年的六大预测
As 2022 draws to a close, we asked Tenable experts what they expect for the new year. After reading the tea leaves, they’re forecasting developments in extortion attacks, OT security, SaaS threats, metaverse risks and more!
补丁星期二多年来对网络安全的影响
Dive into the history of Patch Tuesday and learn how it continues to influence the ways security teams manage patches.
CVE-2022-37958:严重的 Microsoft SPNEGO NEGOEX 漏洞问答
Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX, originally patched in September, after a security researcher discovered that it can lead to remote code execution. Organizations are urged to apply these patches as soon as possible.
云原生应用程序保护平台 (CNAPP):An Evolving Approach to Cloud Security
A look at how IAM works and how CIEM enhances IAM security in the cloud.
Your Guide to IAM – and IAM Security in the Cloud
A look at how IAM works and how CIEM enhances IAM security in the cloud.
Tenable 网络观察:维持元宇宙治安、保护 AI 和 ML 安全、Daixin 对医疗机构的威胁以及改为使用集成式网络平台
To help you zap those Monday blahs, here’s a caffeinated shot of cyber news you can use: Police chiefs must get hip to the metaverse. CISOs are shifting to integrated cybersecurity platforms. There's new guidance for securing ML and AI systems. Hospitals face a ransomware threat from the Daixin…
網路安全快照: 网络钓鱼诈骗、薪资趋势、元宇宙风险、Log4J 问卷调查
Get the latest on worrisome phishing stats; businesses’ embrace of the metaverse, come what may; a (small) improvement in CISO job stability; the compensation cost of security leaders; and more!
Microsoft 的 2022 年补丁星期二解决了 48 个 CVE (CVE-2022-44698)
Microsoft addresses 48 CVEs including two zero-day vulnerabilities, one that has been exploited in the wild (CVE-2022-44698) and one that was publicly disclosed prior to a patch being available (CVE-2022-44710).