These Services Shall Not Pass: Abusing Service Tags to Bypass Azure Firewall Rules (Customer Action Required)
Azure customers whose firewall rules rely on Azure Service Tags, pay attention: You could be at risk due to a vulnerability detected by Tenable Research. Here’s what you need to know to determine if you’re affected, and if so, what you should do right away to protect your Azure environment from…
Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323)
Tenable Research has discovered a critical memory corruption vulnerability dubbed Linguistic Lumberjack in Fluent Bit, a core component in the monitoring infrastructure of many cloud services.
Tenable Cloud Security의 조사에 의하면 설문 조사에 응답한 조직의 무려 95%에서 지난 18개월 동안 클라우드 관련 침해를 겪음
Tenable 2024년 클라우드 보안 전망 조사에서 발견한 사항은 능동적이고 견고한 클라우드 보안이 필요하다는 분명한 신호가 됩니다. Read on to learn more about the study’s findings, including the main challenges cloud security teams face, their strategies for better protecting their cloud…
FlowFixation: AWS Apache Airflow 서비스 테이크오버 취약성 및 Guardrails을 무시하면 주요 CSP에 위험이 되는 이유
Tenable Research discovered a one-click account takeover vulnerability in the AWS Managed Workflows Apache Airflow service that could have allowed full takeover of a victim’s web management panel of the Airflow instance. The discovery of this now-resolved vulnerability reveals a broader problem of…
IDC에서 Tenable을 5년 연속으로 전 세계 장치 취약성 관리 시정 점유율에서 1위로 보고
시장 조사 회사의 최신 보고서는 또한 보안 전문가가 취약성 관리 전략을 향상하는 데 사용할 수 있는 시장에 대한 통찰을 제공합니다.
Pig Butchering Scam: From Tinder and TikTok to WhatsApp and Telegram, How Scammers Are Stealing Millions in a Long Con
In part one of a two-part series on Pig butchering, we detail the pervasive scam that has impacted thousands of victims around the world, resulting in the loss of hundreds of millions of dollars. This blog highlights the who and the how of Pig butchering scams, and details the Pig butchering…
Pig Butchering Scam: How Bitcoin, Ethereum, Litecoin and Spot Gold (XAUUSD) Investments Are Used in Romance Scams to Steal Hundreds of Millions
This is the second part of a two-part series based on firsthand research into pig butchering scams from the end of 2022 into early 2024. In this post, we delve into the types of investment scams perpetrated by pig butchers to steal hundreds of millions of dollars from victims, including in the form…
어린이가 안전하지 않습니다: Edulog 포털의 취약성으로 K-12 학생 위치 데이터가 노출
Tenable Research discovered security flaws in a popular transportation management app that allowed access to student location data. While these issues have been fixed, the findings again prove the importance of strong authentication and access control.
인증된 스캐닝으로 취약성 스캔의 가치를 최대화
Want to get a lot more value out of your vulnerability scans? Start doing authenticated scanning
막힌 길을 탐: 일본에서 예방적 보안을 위해 인력, 프로세스 및 기술 도전 관제를 극복하기
Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Japanese organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable.
ApatchMe - AWS 및 GCP Apache Airflow 서비스에 인증된 저장된 XSS 취약성
Unpatched Apache Airflow instances used in Amazon Web Services (AWS) and Google Cloud Platform (GCP) allow an exploitable stored XSS through the task instance details page.
인도에서 조직이 예방적 사이버 보안을 실행하지 못하게 막는 것은?
Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Indian organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable.
영업 팀에게 문의