Verizon’s 2022 Data Breach Report – Insights for Cloud Security Professionals
Wondering which cyberattack trends are putting your organization at risk? Learn about the leading threat vectors — and how cloud security solutions can help.
Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033)
Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws.
CISOs Tell All: Everything You’ve Ever Wanted To Know About CISOs in 2022
You’ve got questions and they’ve got answers. A global survey provides a snapshot of what it’s like to sit in the CISO chair, as these cybersecurity leaders face increasingly sophisticated cyber threats and heightened expectations from their organizations. They're questions that most…
Tenable.io: To control or not to control, that is the question
For large deployments of Tenable, where Tenable.io is shared across geographical or business boundaries, you can leverage role-based access control (RBAC) to logically segment scan data or, where required, restrict access to its scan data. In this blog, we’ll explain the configuration required to…
Top 20 CVEs Exploited by People's Republic of China State-Sponsored Actors (AA22-279A)
CISA, the NSA and FBI issue a joint advisory detailing the top 20 vulnerabilities exploited by state-sponsored threat actors linked to the People’s Republic of China.
CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy
Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access.
사이버 보안 스냅샷: 바로 지금 중요한 6가지 사항
Topics that are top of mind for the week ending Oct. 7 | CISA puts spotlight on asset inventory and vulnerability management | Think tank does deep dive on IoT security | What’s the current state of cybersecurity? Not great | New malware cracks monthly top 10 list | And much more!
Public Network Access to Azure Resources Is Too Easy to Configure
For some types of Microsoft Azure resources and subnets, it’s extremely easy to configure what is essentially public network access. We describe here some examples and how to reduce such risks.
위험 노출 관리: 최신 공격 표면의 위험 감소
사이버 보안 조직은 파편화된 수많은 데이터를 생성하지만 인사이트는 거의 없는 사후대응적이고 사일로화된 보안 프로그램과 포인트 도구의 무분별한 확장으로 인해 어려움을 겪고 있습니다. Here we explain why they need an exposure management platform that provides comprehensive visibility and allows them to…
CVE-2022-41040 and CVE-2022-41082: ProxyShell Variant Exploited in the Wild
Microsoft has confirmed reports of two zero-day vulnerabilities in Microsoft Exchange Server that have been exploited in the wild. Patches are not yet available.
사이버 보안 스냅샷: 바로 지금 중요한 6가지 사항
Topics that are top of mind for the week ending Sept. 30 | Are you ready for the quantum threat? | Tips for protecting critical infrastructure from cyberattacks | How to prevent MFA fatigue attacks | “FiGHT” to secure 5G networks | And much more!