Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Tenable 블로그

July 18, 2025

CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild

A critical zero-day flaw in CrushFTP that can grant attackers administrator access was discovered on July 18 and is under active exploitation....


July 18, 2025

사이버 보안 스냅샷: AI Security Tools Embraced by Cyber Teams, Survey Finds, as Vulnerability Research Gets a Boost from UK Cyber Agency

Check out why AI security tools are turning into “must have” assets for cyber teams. Plus, get the details on the NCSC’s efforts to supercharge its bug hunting capabilities. Meanwhile, Tenable webinar attendees shared their experience securing machine identities. And get the latest on the crypto cri...


July 16, 2025

OCI, Oh My: Remote Code Execution on Oracle Cloud Shell and Code Editor Integrated Services

Tenable Research discovered a Remote Code Execution (RCE) vulnerability (now remediated) in Oracle Cloud Infrastructure (OCI) Code Editor. We demonstrated how an attacker could silently 1-click hijack a victim’s Cloud Shell environment and potentially pivot across OCI services. The vulnerability als...


July 15, 2025

Oracle July 2025 Critical Patch Update Addresses 165 CVEs

Oracle addresses 165 CVEs in its third quarterly update of 2025 with 309 patches, including nine critical updates....


July 14, 2025

Understanding and Managing Cyber Risk: An Exposure Management FAQ for Business Leaders

매주 월요일 Tenable 위험 노출 관리 아카데미에서는 취약성 관리에서 위험 노출 관리로 전환하기 위해 필요한 실용적이고 실제 환경에 사용할 수 있는 참조 자료를 제공합니다. In this post, we answer some questions we’ve gotten recently the best way to determine, understand and communicate your risks....


July 11, 2025

사이버 보안 스냅샷: AI Security Field Gets Boost from New CSA Framework and from SANS - OWASP Partnership

Check out a new Cloud Security Alliance framework for securing AI systems. Plus, SANS Institute and OWASP are joining forces to deliver AI security controls. Meanwhile, Accenture finds orgs unprepared to counter AI-powered cyber attacks. And get the latest on the Iran cyber threat, SMB cyber defense...


July 9, 2025

Tenable에서 Anthropic MCP Inspector에 중요 원격 코드 실행 취약성을 발견한 방식

Tenable Research recently discovered a critical vulnerability impacting Anthropic's MCP Inspector tool, a core element of the MCP ecosystem. In this blog, we provide details on how we discovered the vulnerability in this widely used open-source tool — and what users can do about it.....


July 9, 2025

AI 보안: 급하게 MCP 서버를 사용하면서 웹 약점이 다시 나타남

In the rush to implement AI tools and services, developers are rapidly embracing the Model Context Protocol (MCP). In the process, classic vulnerabilities are resurfacing and new ones are being introduced. In this blog, we outline key areas of concern and how Tenable Web App Scanning can help....


July 8, 2025

Microsoft의 2025년 7월 Patch Tuesday에서 128개의 CVE(CVE-2025-49719)를 처리

Microsoft addresses 128 CVEs, including one zero-day vulnerability that was publicly disclosed....


July 7, 2025

공격 표면 이해하기: 효과적 위험 노출 관리의 핵심

매주 월요일 Tenable 위험 노출 관리 아카데미에서는 취약성 관리에서 위험 노출 관리로 전환하기 위해 필요한 실용적이고 실제 환경에 사용할 수 있는 참조 자료를 제공합니다. In this post, Tenable security engineer Aaron Roy shares how he led the integration of attack surface management with exposure mana...


July 4, 2025

사이버 보안 스냅샷: Expert Advice for Boosting AI Security

With businesses going gaga for artificial intelligence, securing AI systems has become a key priority and a top challenge for cybersecurity teams, as they scramble to master this emerging and evolving field. In this special edition of the Cybersecurity Snapshot, we highlight some of the best practic...


July 2, 2025

N퍼블릭 클라우드 취약성 관리 탐색: 네트워크 스캐너, 에이전트 또는 에이전트리스를 선택하는 경우

There are various approaches to managing vulnerabilities on cloud workloads, and knowing which vulnerability scan method to use is critical to your success. However, there isn’t a universally correct choice. How can you identify the best approach for you?...


도움이 되는 사이버 보안 뉴스

이메일을 입력하여 Tenable 전문가에게서 적시에 알림을 받고 보안 참고 자료를 놓치지 마십시오.

Apache Log4j Flaw Puts Third-Party Software in the Spotlight

Get the Details >