CVE-2025-32756: 다수의 Fortinet 제품에서 제로데이 취약성이 널리 악용됨
Fortinet has observed threat actors exploiting CVE-2025-32756, a critical zero-day arbitrary code execution vulnerability which affects multiple Fortinet products including FortiVoice, FortiMail, FortiNDR, FortiRecorder and FortiCamera.
CVE-2025-4427, CVE-2025-4428: Ivanti Endpoint Manager Mobile (EPMM) 원격 코드 실행
Remote code execution vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks
Microsoft의 May 2025 Patch Tuesday에서 71개 CVE(CVE-2025-32701, CVE-2025-32706, CVE-2025-30400)에 대응
Microsoft addresses 71 CVEs including seven zero-days, five of which were exploited in the wild.
공격자가 사용하는 원격 모니터링 및 관리 도구를 탐지
Following up on last year’s LOLDriver plugin, Tenable Research is releasing detection plugins for the top Remote Monitoring and Management (RMM) tools that attackers have been more frequently leveraging in victim environments.
위험 노출 관리가 보안 도구 활용에 도움이 되는 6개 방식
매주 월요일 Tenable 위험 노출 관리 아카데미에서는 취약성 관리에서 위험 노출 관리로 전환하기 위해 필요한 실용적이고 실제 환경에 사용할 수 있는 참조 자료를 제공합니다. In this post, the second of two parts, we look closely at six ways exposure management can help you tame security tool sprawl.
사이버 보안 스냅샷: 영 NCSC’s Best Cyber Advice on AI Security, the Quantum Threat, API Risks, Mobile Malware and More
In this special edition of the Cybersecurity Snapshot, we bring you some of the most valuable guidance offered by the U.K. National Cyber Security Centre (NCSC) in the past 18 months. Check out best practices, recommendations and insights on protecting your AI systems, APIs and mobile devices, as…
취약성 관리에서 위험 노출 관리까지: 무시할 수 없는 중요한 변화
Vulnerability management remains core to reducing cyber risk — but as the attack surface grows, teams need a risk-driven strategy that looks beyond vulnerabilities to see the bigger picture. Discover how exposure management unifies data and prioritizes real exposures — keeping teams proactive and…
5분 만에 더 강력한 클라우드 보안: 클라우드 ID 보안 유지
After covering cloud security posture management (CSPM) and cloud workload protection (CWP) in the first two installments of Tenable’s “Stronger Cloud Security in Five” blog series, today we focus on securing your cloud identities. Protecting them is a tall order, but it’s critical because…
Frequently Asked Questions About Vibe Coding
Vibe coding has attracted much attention in recent weeks with the release of many AI-driven tools. This blog answers some of the Frequently Asked Questions (FAQ) around vibe coding.
How Exposure Management Can Ease the Pain of Security Tool Sprawl
매주 월요일 Tenable 위험 노출 관리 아카데미에서는 취약성 관리에서 위험 노출 관리로 전환하기 위해 필요한 실용적이고 실제 환경에 사용할 수 있는 참조 자료를 제공합니다. In this post, the first of two parts, we explore how exposure management can help ease the pain of having too many siloed security…
사이버 보안 스냅샷: CISA’s Best Cyber Advice on Securing Cloud, OT, Apps and More
In this special edition of the Cybersecurity Snapshot, we’re highlighting some of the most valuable guidance offered by the U.S. Cybersecurity and Infrastructure Security Agency in the past 12 months. Check out best practices, recommendations and insights on protecting your cloud environments, OT…
MCP 프롬프트 인젝션: Not Just For Evil
MCP 도구가 여러 새로운 공격 기술에 관련되었습니다. 도구 사용 로깅 및 권한이 없는 명령 필터링과 같이 완벽히 조작할 수 있는 방법에 대해 알아봅니다.
영업 팀에게 문의