사이버 보안 스냅샷: 6 Best Practices for Implementing AI Securely and Ethically
May 31, 2024CVE-2024-24919: Check Point Security Gateway Information Disclosure Zero-Day Exploited in the Wild
May 29, 2024Amid warnings of threat actors targeting VPN devices, Check Point has identified a zero-day information disclosure vulnerability impacting Check Point Network Security gateways which has been exploited by malicious actors.
Tenable Delivers Innovative Enhancements to the Assure MSSP Program and MSSP Portal, Demonstrating Our Commitment to a Partner-Focused Go-To-Market Strategy
May 28, 2024The enhancements include a new self-provisioning capability in the MSSP Portal that’ll drastically shorten customer onboarding and a quarterly billing option for MSSP Program partners
사이버 보안 스냅샷: EPA Urges Water Plants To Boost Cybersecurity, as OpenSSF Launches Threat Intel Platform for Open Source Software
May 24, 2024Check out the EPA’s call for water plants to beef up their cyber defenses. Plus, open source developers have a new platform to share threat intelligence. Moreover, business email compromise attacks prompt alert from U.K.’s cyber agency. And CISA tackles DNS encryption best practices. And much more!
How A CNAPP Can Take You From Cloud Security Novice To Native In 10 Steps
May 23, 2024Context is critical in cloud security. In a recent RSA presentation, Tenable's Shai Morag offered ten tips for end-to-end cloud infrastructure security.
What To Keep in Mind When Securing Kubernetes Persistent Volumes
May 21, 2024To many, Kubernetes is a black box that’s difficult to understand, manage and secure. If you’re using stateful persistent volumes – cloud resources that live and manage data outside the scope of your pods – it can be even darker.
Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323)
May 20, 2024Tenable Research has discovered a critical memory corruption vulnerability dubbed Linguistic Lumberjack in Fluent Bit, a core component in the monitoring infrastructure of many cloud services.
사이버 보안 스냅샷: CISA Warns Hospitals about Black Basta, as Tenable Study Finds Cloud-Related Breaches Pervasive
May 17, 2024Find out why healthcare organizations must beware of the Black Basta ransomware group. Meanwhile, a Tenable study found that 95% of surveyed organizations suffered a cloud-related breach, and offers insights for boosting cloud security. Plus, a Cloud Security Alliance report delves into how AI systems can create risky gaps in your cloud environment. And much more!
Kinsing Malware Hides Itself as a Manual Page and Targets Cloud Servers
May 16, 2024Tenable Cloud Security Research Team has recently discovered that Kinsing malware, known for targeting Linux-based cloud infrastructures, exploits Apache Tomcat servers with new advanced stealth techniques. Explore our analysis and the indicators of compromise in this report.
Microsoft’s May 2024 Patch Tuesday Addresses 59 CVEs (CVE-2024-30051, CVE-2024-30040)
May 14, 2024Microsoft addresses 59 CVEs in its May 2024 Patch Tuesday release with one critical vulnerability and three zero-day vulnerabilities, two of which were exploited in the wild.
Tenable Cloud Security의 조사에 의하면 설문 조사에 응답한 조직의 무려 95%에서 지난 18개월 동안 클라우드 관련 침해를 겪음
May 14, 2024Tenable 2024년 클라우드 보안 전망 조사에서 발견한 사항은 능동적이고 견고한 클라우드 보안이 필요하다는 분명한 신호가 됩니다. 클라우드 보안 팀이 직면한 주요 도전 과제, 클라우드 인프라 보호를 개선하기 위한 전략 및 성공을 측정하기 위해 사용하는 도구를 포함하여 이 조사에서 발견한 사항을 더 자세히 읽어보십시오.
Shifting the Paradigm: Why the Cyber Insurance Industry Should Focus on Preventive Security
May 13, 2024As claims and losses climb, it’s clear that preventive security should be prioritized more when designing a cyber insurance policy. Here’s why preventive security investments are cost effective and can lead to lower premiums.
사이버 보안 스냅샷: New Guide Explains How To Assess if Software Is Secure by Design, While NIST Publishes GenAI Risk Framework
May 10, 2024Is the software your company wants to buy securely designed? A new guide outlines how you can find out. Meanwhile, a new NIST framework can help you assess your GenAI systems’ risks. Plus, a survey shows a big disconnect between AI usage (high) and AI governance (low). And MITRE’s breach post-mortem brims with insights and actionable tips. And much more!