Tenable 블로그
The developer credential economy: Why exposure data is the new front line in the supply chain war
CVE-2023-3595, CVE-2023-3596: Rockwell Automation ControlLogix 취약성 공개됨
Rockwell Automation issues advisory for multiple vulnerabilities, including a critical flaw that could lead to disruption or destruction of critical infrastructure processes.
OT 환경에서 Rockwell Automation Allen-Bradley 통신 모듈이 CVE-2023-3595 및 CVE-2023-3596에 영향을 받는 것을 발견
Identifying vulnerable systems in your industrial environment can be complex. Use the wrong tool and it will overlook affected devices. Find out how Tenable OT Security is designed to give you in-depth asset visibility to address these new vulnerabilities without disrupting productivity.
Microsoft의 2023년 7월 Patch Tuesday에서 130개의 CVE(CVE-2023-36884)를 처리
Microsoft addresses 130 CVEs including five that were exploited in the wild as zero-day vulnerabilities and guidance on the malicious use of Microsoft signed drivers.
Tenable Cyber Watch: 연구에 의하면 많은 CISO가 이사회 구성원으로 적격이 아닌 것으로 확인, 사이버 보안이 비즈니스를 향상하는 방식 등
This week’s edition of Tenable Cyber Watch unpacks the new comprehensive guide on LockBit, the world’s most deployed ransomware variant, and explores how cybersecurity can boost business. Also covered: a new study finds many CISOs to be unqualified to serve on boards.
사이버 보안 스냅샷: ChatGPT와 같은 도구가 개발자의 속도를 향상하고 사이버 위험을 증대할 것임
Learn about the promise and peril of generative AI for software development – and how it makes business execs both happy and fearful. Plus, do cyber teams underestimate risk? Also, NIST has a new AI working group – care to join? And much more!
An Unexpected Implication of Lambda Privileges
Learn how a combination of AWS service usage and permissions discovered by Tenable Cloud Security may increase risk upon a certain non-compliance.
Tenable Cyber Watch: 연방 기관에서 CL0P Info에 대해 $100만 보상 제공, 랜섬웨어 인시던트 대응의 모범 사례 등
This week’s edition of Tenable Cyber Watch unpacks the $10 million bounty issued by the U.S. State Department’s Rewards for Justice program for information on the CL0P gang and shares four best practices for ransomware incident response. Also covered: a new study finds U.S. critical infrastructure…
사이버 보안 스냅샷: AI에 대한 우려가 증가함에 따라 전문가들이 AI에 대한 조언을 백악관 및 의회에 제출
Learn all about the recommendations the NAIAC made to the U.S. government for responsible AI. Plus, employees go gaga over ChatGPT, while cyber teams get tasked with securing it. Also, we look at cloud IAM challenges and how to tackle them. And much more!
The Default Toxic Combination of GCP Compute Engine Instances
By default, compute instances in GCP are prone to a toxic combination that you should be aware of, and can avoid and fix.
