Oracle 2022년 7월 중요 패치 업데이트로 183개 CVE 해결
Oracle addresses 183 CVEs in its third quarterly update of 2023 with 508 patches, including 76 critical updates....
CVE-2023-3519: Netscaler ADC(Citrix ADC) 및 Netscaler Gateway(Citrix Gateway)에 중요 RCE
Citrix has released a patch fixing a remote code execution vulnerability in several versions of Netscaler ADC and Netscaler Gateway that has been exploited. Organizations are urged to patch immediately....
Tenable Cyber Watch: NAIAC에서 바이든 대통령에게 첫 보고서 제출, 80%의 직원이 회사에서 ChatGPT 금지를 반대 등
This week’s edition of Tenable Cyber Watch unpacks the NAIAC’s first report delivered to President Biden and explores Glassdoor’s survey finding that 80% of employees oppose ChatGPT bans at their workplace. Also covered: CISA releases two new guides aimed at helping cyber teams protect cloud apps. ...
사이버 보안 스냅샷: CISA 및 NSA에서 CI/CD 보안에 집중, MITRE에서 최고 소프트웨어 약점 순위 지정
Learn about the guidance from the U.S. government for defending CI/CD pipelines. Plus, check out the 25 most dangerous software weaknesses. Also, what developers like about AI tools – and what they don’t. And much more!...
CVE-2023-3595, CVE-2023-3596: Rockwell Automation ControlLogix 취약성 공개됨
Rockwell Automation issues advisory for multiple vulnerabilities, including a critical flaw that could lead to disruption or destruction of critical infrastructure processes....
OT 환경에서 Rockwell Automation Allen-Bradley 통신 모듈이 CVE-2023-3595 및 CVE-2023-3596에 영향을 받는 것을 발견
Identifying vulnerable systems in your industrial environment can be complex. Use the wrong tool and it will overlook affected devices. Find out how Tenable OT Security is designed to give you in-depth asset visibility to address these new vulnerabilities without disrupting productivity....
Microsoft의 2023년 7월 Patch Tuesday에서 130개의 CVE(CVE-2023-36884)를 처리
Microsoft addresses 130 CVEs including five that were exploited in the wild as zero-day vulnerabilities and guidance on the malicious use of Microsoft signed drivers....
Tenable Cyber Watch: 연구에 의하면 많은 CISO가 이사회 구성원으로 적격이 아닌 것으로 확인, 사이버 보안이 비즈니스를 향상하는 방식 등
This week’s edition of Tenable Cyber Watch unpacks the new comprehensive guide on LockBit, the world’s most deployed ransomware variant, and explores how cybersecurity can boost business. Also covered: a new study finds many CISOs to be unqualified to serve on boards. ...
사이버 보안 스냅샷: ChatGPT와 같은 도구가 개발자의 속도를 향상하고 사이버 위험을 증대할 것임
Learn about the promise and peril of generative AI for software development – and how it makes business execs both happy and fearful. Plus, do cyber teams underestimate risk? Also, NIST has a new AI working group – care to join? And much more!...
An Unexpected Implication of Lambda Privileges
Learn how a combination of AWS service usage and permissions discovered by Tenable Cloud Security may increase risk upon a certain non-compliance....
Tenable Cyber Watch: 연방 기관에서 CL0P Info에 대해 $100만 보상 제공, 랜섬웨어 인시던트 대응의 모범 사례 등
This week’s edition of Tenable Cyber Watch unpacks the $10 million bounty issued by the U.S. State Department’s Rewards for Justice program for information on the CL0P gang and shares four best practices for ransomware incident response. Also covered: a new study finds U.S. critical infrastructure t...
사이버 보안 스냅샷: AI에 대한 우려가 증가함에 따라 전문가들이 AI에 대한 조언을 백악관 및 의회에 제출
Learn all about the recommendations the NAIAC made to the U.S. government for responsible AI. Plus, employees go gaga over ChatGPT, while cyber teams get tasked with securing it. Also, we look at cloud IAM challenges and how to tackle them. And much more!...