Tenable 博客
CVE-2026-35616: Fortinet FortiClientEMS improper access control vulnerability exploited in the wild
EPA 颁布针对公共供水系统的网络安全法规:Tenable 能够带来哪些助益
EPA released new regulations that require states to assess cybersecurity risks at drinking water systems and ensure these systems have sufficient cyber protections. Here’s what you need to know — and how Tenable can help.
Tenable 网络观察:U.K. 网络机构担忧 ChatGPT 会造成隐私问题,CISA 计划应对关键基础设施中的勒索软件,等等
This week’s edition of the Tenable Cyber Watch unpacks CISA’s new pilot program that detects vulnerabilities in critical infrastructure and addresses the FBI’s plea for more ransomware victims to report attacks. Also covered: Why the U.K. National Cyber Security Centre is warning ChatGPT users to…
Federating Kubernetes Workloads with Cloud Identities
Your K8s workloads legitimately need access to sensitive cloud resources – federated identities let you grant it easily and securely.
网络安全快照: 使用全新的 CISA/NSA 最佳实践加强身份和访问管理安全
Learn about a new guide packed with best practices recommendations to improve IAM systems security. Plus, cybersecurity ranks as top criteria for software buyers. Also, guess who’s also worried about ChatGPT? Oh, and do you know what a BISO is? And much more!
Navigating Cloud Security: Why Segregating Environments from Dev to Production is so Important
Segregation in cloud environments is important for security — this post explores why and offers best practice tips for acting on it.
Tenable 网络观察:了解美国国家网络安全战略,强大的 AI 技术为黄金时段助力
This week’s edition of the Tenable Cyber Watch unpacks the White House’s National Cybersecurity Strategy and explores how artificial intelligence will help cyber teams with complex attacks. Also covered: Why software vendors should prepare to submit letters of attestation to the GSA.
OpenAI’s ChatGPT and GPT-4 Used as Lure in Phishing Email, Twitter Scams to Promote Fake OpenAI Tokens
Hoping to cash in on the massive interest around OpenAI’s GPT-4 – ChatGPT’s new multimodal model – scammers have launched phishing campaigns via email and Twitter designed to steal cryptocurrency. Check out how they’re carrying out the scams and how you can avoid becoming a victim.
網路安全快照: CISA 指出勒索软件集团可能利用的关键基础设施企业的漏洞
Learn about CISA’s new program to help critical infrastructure organizations stamp out vulnerabilities associated with ransomware attacks. Plus, a U.S. government advisory with the latest on LockBit 3.0. Also, find out why the U.K.’s cyber agency is warning users about ChatGPT. And much more!
Microsoft 的 2023 年 3 月补丁星期二解决了 76 个 CVE (CVE-2023-23397)
Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed.
