CVE-2022-47939: 리눅스 커널에 중요 RCE 취약성
A critical remote code execution vulnerability in the Linux kernel has been publicly disclosed by Trend Micro's Zero Day Initiative in its ZDI-22-1690 advisory. The vulnerability has been given a CVSSv3 of 10.0. There are no reports of active exploitation.
사이버 보안 스냅샷: Tenable의 2023년에 대한 6개 예측
As 2022 draws to a close, we asked Tenable experts what they expect for the new year. After reading the tea leaves, they’re forecasting developments in extortion attacks, OT security, SaaS threats, metaverse risks and more!
Patch Tuesday’s Impact on Cybersecurity Over the Years
Dive into the history of Patch Tuesday and learn how it continues to influence the ways security teams manage patches.
CVE-2022-37958: FAQ for Critical Microsoft SPNEGO NEGOEX Vulnerability
Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX, originally patched in September, after a security researcher discovered that it can lead to remote code execution. Organizations are urged to apply these patches as soon as possible.
CNAPP(클라우드 네이티브 애플리케이션 보호 플랫폼) An Evolving Approach to Cloud Security
A look at how IAM works and how CIEM enhances IAM security in the cloud.
Your Guide to IAM – and IAM Security in the Cloud
A look at how IAM works and how CIEM enhances IAM security in the cloud.
Tenable Cyber Watch: 메타버스에서 치안 업무, AI 및 ML 보안 유지, Daixin의 병원에 위협 및 통합된 사이버 플랫폼으로 전환하기
To help you zap those Monday blahs, here’s a caffeinated shot of cyber news you can use: Police chiefs must get hip to the metaverse. CISOs are shifting to integrated cybersecurity platforms. There's new guidance for securing ML and AI systems. Hospitals face a ransomware threat from the Daixin…
사이버 보안 스냅샷: 피싱 사기, 봉급 추세, 메타버스 위험, Log4J Poll
Get the latest on worrisome phishing stats; businesses’ embrace of the metaverse, come what may; a (small) improvement in CISO job stability; the compensation cost of security leaders; and more!
Microsoft의 December 2022 Patch Tuesday에서 48개 CVE를 해결(CVE-2022-44698)
Microsoft addresses 48 CVEs including two zero-day vulnerabilities, one that has been exploited in the wild (CVE-2022-44698) and one that was publicly disclosed prior to a patch being available (CVE-2022-44710).
CVE-2022-27518: Citrix ADC 및 게이트웨이에 승인되지 않은 RCE
Citrix has patched a critical remote code execution vulnerability in its Gateway and ADC products. This vulnerability has reportedly been exploited as a zero day; organizations should patch urgently.
IT 서비스 공급자 및 MSP의 사이버 보안 대비성 평가 방법
Improperly evaluating the cybersecurity capabilities of prospective IT service providers and managed service providers (MSPs) can put your organization's data and systems at risk. A new guide from CompTIA can help you ask the right questions.
CVE-2022-42475: Fortinet에서 FortiOS SSL VPN의 제로데이 익스플로잇 패치
Fortinet has patched a zero day buffer overflow in FortiOS that could lead to remote code execution. There has been a report of active exploitation and organizations should patch urgently.