Clik here to view.
Microsoft’s March 2025 Patch Tuesday Addresses 56 CVEs (CVE-2025-26633,...
6Critical50Important0Moderate0LowMicrosoft addresses 56 CVEs, including seven zero-day flaws, with six of those being exploited in the wild.Microsoft patched 56 CVEs in its March 2025 Patch Tuesday...
View ArticleClik here to view.
DeepSeek Deep Dive Part 1: Creating Malware, Including Keyloggers and Ransomware
Tenable Research examines DeepSeek R1 and its capability to develop malware, such as a keylogger and ransomware. We found it provides a useful starting point, but requires additional prompting and...
View ArticleClik here to view.
Cybersecurity Snapshot: Medusa Ransomware Impacting Critical Infrastructure,...
Check out how to protect your org against the Medusa ransomware gang. Plus, another cryptographic algorithm designed to resist quantum attacks will be standardized. Meanwhile, Tenable did a deep dive...
View ArticleClik here to view.
What Is Exposure Management and Why Does It Matter?
Each Monday, the Tenable Exposure Management Academy will provide the practical, real-world guidance you need to shift from vulnerability management to exposure management. In our first blog in this...
View ArticleClik here to view.
Choosing the Right Cloud Security Provider: Five Non-Negotiables for...
Protecting your cloud environment for the long term involves choosing a security partner whose priorities align with your needs. Here's what you need to know.As organizations embrace multi-cloud and...
View ArticleClik here to view.
Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as...
Check out key findings and insights from the “Tenable Cloud AI Risk Report 2025.” Plus, get fresh guidance on how to transition to quantum-resistant cryptography. In addition, find out how AI is...
View ArticleClik here to view.
What it Takes to Start the Exposure Management Journey
Each Monday, the Tenable Exposure Management Academy will provide the practical, real-world guidance you need to make the shift from vulnerability management to exposure management. In this blog,...
View ArticleClik here to view.
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514:...
Frequently asked questions about five vulnerabilities in the Ingress NGINX Controller for Kubernetes, collectively known as IngressNightmare.BackgroundThe Tenable Security Response Team (SRT) has...
View ArticleClik here to view.
Who's Afraid of AI Risk in Cloud Environments?
The Tenable Cloud AI Risk Report 2025 reveals that 70% of AI cloud workloads have at least one unremediated critical vulnerability — and that AI developer services are plagued by risky permissions...
View ArticleClik here to view.
Cybersecurity Snapshot: NIST Details Attacks Against AI, Recommends Defenses,...
Check out NIST’s comprehensive taxonomy of cyberattacks against AI systems, along with mitigation recommendations. Plus, organizations have another cryptographic algorithm for protecting data against...
View ArticleClik here to view.
Cybersecurity Leaders Share Three Challenges Exposure Management Helps Them...
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this blog, we share three...
View ArticleClik here to view.
ImageRunner: A Privilege Escalation Vulnerability Impacting GCP Cloud Run
Tenable Research discovered a privilege escalation vulnerability in Google Cloud Platform (GCP) that is now fixed and which we dubbed ImageRunner. At issue are identities that lack registry permissions...
View ArticleClik here to view.
How To Harden GitLab Permissions with Tenable
If your organization uses GitLab for managing your software development lifecycle, you must ensure you’re not misconfiguring the permissions of this open source DevSecOps platform. Doing so can expose...
View ArticleClik here to view.
Cybersecurity Snapshot: SANS Recommends Six Controls To Secure AI Systems,...
Check out the security controls that SANS Institute says are essential for protecting your AI systems. Plus, the U.K. NCSC urges organizations to adopt newer API security practices. In addition, CISA...
View ArticleClik here to view.
Five Steps to Move to Exposure Management
Each Monday, the Tenable Exposure Management Academy provides the practical, real-world guidance you need to shift from vulnerability management to exposure management. In this post, we explore the...
View ArticleClik here to view.
How To Implement Just-In-Time Access: Best Practices and Lessons Learned
With the just-In-time (JIT) access control method, privileges are granted temporarily on an as-needed basis. This reduces static entitlements, lowering the risk of compromised accounts and preventing...
View ArticleClik here to view.
Microsoft’s April 2025 Patch Tuesday Addresses 121 CVEs (CVE-2025-29824)
11Critical110Important0Moderate0LowMicrosoft addresses 121 CVEs including one zero-day which was exploited in the wild.Microsoft patched 121 CVEs in its April 2025 Patch Tuesday release, with 11 rated...
View ArticleClik here to view.
Stronger Cloud Security in Five: The Importance of Cloud Configuration Security
Mismanaging configurations in your multi-cloud environment can put you at an elevated risk for cyber attacks. In the first installment of our “Stronger Cloud Security in Five” blog series, we outline...
View ArticleClik here to view.
Frequently Asked Questions About Model Context Protocol (MCP) and Integrating...
The emergence of Model Context Protocol for AI is gaining significant interest due to its standardization of connecting external data sources to large language models (LLMs). While these updates are...
View ArticleClik here to view.
Cybersecurity Snapshot: Beware of Mobile Spyware Attacks, Cyber Agencies...
Check out why a global geopolitical spyware campaign could ensnare mobile users outside of its target groups. Plus, the U.K.’s cyber agency offers cyber governance resources to boards of directors....
View Article