Tenable blog
CVE-2025-54135, CVE-2025-54136: Frequently Asked Questions About Vulnerabilities in Cursor IDE (CurXecute and MCPoison)
有关 AnyDesk 安全事件的常见问题
Frequently asked questions relating to a security incident at AnyDesk that was publicly disclosed on February 2....
網路安全快照: Attackers Hack Routers To Hit Critical Infrastructure, as CISA Calls for More Secure Router Design
CISA is calling on router makers to improve security, because attackers like Volt Typhoon compromise routers to breach critical infrastructure systems. Meanwhile, data breaches hit an all-time high in the U.S. Plus, Italy says ChatGPT violates EU privacy laws. And a cyber expert calls on universitie...
不良身份安全机制是 Microsoft 遭集权国家攻击的根源
Microsoft 遭遇的这起最新泄露事件再次表明,光靠检测与响应是不够的。Because the source of an attack almost always boils down to a single overlooked user and permission, it’s critical for organizations to have strong preventive security....
CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893: Frequently Asked Questions for Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Frequently asked questions for five CVEs affecting Ivanti Connect Secure and Policy Secure Gateways, with three of the vulnerabilities having been exploited in the wild as zero-days....
云计算领导者就关键挑战发声
Too many identities, systems and cooks in the kitchen cloud an already complex mandate....
不是攻击路径分析的高手? Tenable ExposureAI 助您实现主动安全
With attacks becoming more sophisticated, security teams must spend more time analyzing different entry points into the organization, as well as numerous tactics, techniques and procedures. Find out how Tenable ExposureAI helps you overcome these challenges and enhances your efficiency and productiv...
網路安全快照: New Guide Details How To Use AI Securely, as CERT Honcho Tells CISOs To Sharpen AI Security Skills Pronto
Cyber agencies from multiple countries published a joint guide on using artificial intelligence safely. Meanwhile, CERT’s director says AI is the top skill for CISOs to have in 2024. Plus, the UK’s NCSC forecasts how AI will supercharge cyberattacks. And a global survey shows cyber pros weighing pro...
在 DoD 的 OT 系统中强化网络保护
Operational technology plays a major role in many aspects of the U.S. Department of Defense — including in military operations, in the infrastructure on bases and throughout the supply chain. Strengthening the cyber defenses of these systems is imperative. Here’s what you need to know. ...
CVE-2024-0204:Fortra GoAnywhere MFT 身份验证绕过漏洞
Proof-of-concept exploit details are available for a newly disclosed critical vulnerability in Fortra GoAnywhere Managed File Transfer (MFT), a product historically targeted by ransomware...