허술한 ID 하이진이 Microsoft에 국가 정부가 주도하는 공격의 근본 원인
The latest breach suffered by Microsoft shows once again that detection and response are not enough. Because the source of an attack almost always boils down to a single overlooked user and permission, it’s critical for organizations to have strong preventive security.
CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893: Frequently Asked Questions for Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Frequently asked questions for five CVEs affecting Ivanti Connect Secure and Policy Secure Gateways, with three of the vulnerabilities having been exploited in the wild as zero-days.
공격 경로 분석에 전문가가 아니십니까? Tenable ExposureAI가 선제적 보안을 달성하도록 지원합니다
With attacks becoming more sophisticated, security teams must spend more time analyzing different entry points into the organization, as well as numerous tactics, techniques and procedures. Find out how Tenable ExposureAI helps you overcome these challenges and enhances your efficiency and…
사이버 보안 스냅샷: New Guide Details How To Use AI Securely, as CERT Honcho Tells CISOs To Sharpen AI Security Skills Pronto
Cyber agencies from multiple countries published a joint guide on using artificial intelligence safely. Meanwhile, CERT’s director says AI is the top skill for CISOs to have in 2024. Plus, the UK’s NCSC forecasts how AI will supercharge cyberattacks. And a global survey shows cyber pros weighing…
미국 국방부의 OT 시스템에 사이버 보호를 강화
Operational technology plays a major role in many aspects of the U.S. Department of Defense — including in military operations, in the infrastructure on bases and throughout the supply chain. Strengthening the cyber defenses of these systems is imperative. 반드시 알아두어야 할 사항은 다음과 같습니다.
CVE-2024-0204: Fortra GoAnywhere MFT 인증 우회 취약성
Proof-of-concept exploit details are available for a newly disclosed critical vulnerability in Fortra GoAnywhere Managed File Transfer (MFT), a product historically targeted by ransomware
CVE-2023-22527: Atlassian Confluence Data Center 및 Server 템플릿 인젝션이 널리 악용됨
In the wild exploitation has begun for a recently disclosed, critical severity flaw in Atlassian Confluence Data Center and Server
클라우드 보안 전략 레벨업
Learn how to better your cloud security program with these ten security resolutions.
사이버 보안 스냅샷: Critical Infrastructure Orgs Cautioned About Chinese Drones, While Water Plants Advised To Boost Incident Response
Find out why Uncle Sam is warning critical infrastructure facilities about drones made in China, while urging water treatment plants to beef up incident response plans. Plus, the challenges stressing out CISOs are also opening new doors for them. In addition, the latest on the Androxgh0st malware…
더 나은 이상 탐지 및 인시던트 대응을 위해 내부 로그를 활용
Tenable Cloud Security enriches cloud activity log data to give you the context you need to quickly respond to and remediate cloud risks.
Tenable Cloud Security Now Supports the Generation of Pull Requests for Remediation Suggestions
The new capability is designed to make it more efficient for security teams to pass remediation recommendations on to the infrastructure team to implement. Here’s how it works.
