CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy
Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access. Background: On October 7, public reports began to circulate that...
Top 20 CVEs Exploited by People's Republic of China State-Sponsored Actors...
Top 20 CVEs Exploited by People's Republic of China State-Sponsored Actors (AA22-279A): CISA, the NSA and FBI issue a joint advisory detailing the top 20 vulnerabilities exploited by state-sponsored...
Tenable.io: To control or not to control, that is the question
For large deployments of Tenable, where Tenable.io is shared across geographical or business boundaries, you can leverage role-based access control (RBAC) to logically segment scan data or, where...
CISOs Tell All: Everything You’ve Ever Wanted To Know About CISOs in 2022
You’ve got questions and they’ve got answers. A global survey provides a snapshot of what it’s like to sit in the CISO chair, as these cybersecurity leaders face increasingly sophisticated cyber...
Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033)
Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical...
Consolidate and Unify to Accelerate Your Security Efforts
CISOs want to shrink their cybersecurity tool stack and see improved interoperability among products so that they can draw actionable insights from uniform and normalized data. Here we explain why this...
Cybersecurity Snapshot: 6 Things That Matter Right Now
Topics that are top of mind for the week ending Oct. 14 | Team culture is key for supply chain security | SecOps gets more challenging as attack surface expands | Weak credentials hurt cloud security |...
How Tenable Helps Federal Agencies Meet CISA’s Binding Operational Directive...
Here's how to leverage Tenable solutions to achieve compliance with BOD 23-01 from the Cybersecurity and Infrastructure Security Agency (CISA). The U.S. Cybersecurity and Infrastructure Security Agency...
Three U.S. Policy Recommendations to Strengthen OT Cybersecurity
A presidential advisory committee report outlined strategies to improve government asset visibility, procurement and information sharing to enhance operational technology (OT) cybersecurity...
Oracle October 2022 Critical Patch Update Addresses 179 CVEs
Oracle addresses 179 CVEs in its fourth and final quarterly update of 2022 with 370 patches, including 56 critical updates. Background: On...
Exposure Management: Our Vision for Securing the Modern Attack Surface
Securing today’s complex and dynamic IT environments requires bringing together vulnerability management, Web application security, cloud security, identity security, attack path analysis and external...
Cybersecurity Snapshot: 6 Things That Matter Right Now
Topics that are top of mind for the week ending Oct. 21 | The problem with Gen Zers and Millennials | Global shortage of cybersecurity pros worsens | An informal poll about attack surface growth |...
CVE-2021-39144: VMware Patches Critical Cloud Foundation Vulnerability in...
VMware issues patches for end-of-life versions of Cloud Foundation Network Security Virtualization for vSphere (NSX-V) to address a critical vulnerability in an open source library. Background: On October...
To Boost Software Supply Chain Security, Stop the Finger-Pointing
Google’s annual DevOps report finds that organizations with a low-blame, collaborative approach have stronger app dev security practices. For the first time in eight years, the “Accelerate State of...
Cybersecurity Snapshot: Tips for cloud configs, MSP vetting, CISO board...
Get the latest on Microsoft 365 security configurations; effective CISO board presentations; rating MSPs’ cybersecurity preparedness; and hospitals’ Daixin cyberthreat. Dive into 6 things that are top...
CVE-2022-3786 and CVE-2022-3602: OpenSSL Patches Two High Severity...
CVE-2022-3786 and CVE-2022-3602: OpenSSL Patches Two High Severity Vulnerabilities: OpenSSL has patched two vulnerabilities, pivoting from its earlier announcement, in version 3.0.7. Background: On October...
Tenable One Exposure Management Platform: Unlocking the Power of Data
When our data engineering team was enlisted to work on Tenable One, we knew we needed a strong partner. Here’s how we selected Snowflake to help us deliver on the promise of exposure management. The...
Cybersecurity Snapshot: Salary Trends, Ransomware Summit, Next-gen MFA
Get the latest on salary trends for CISOs and cybersecurity pros; CISA’s call for adopting phishing-resistant MFA; the White House’s ransomware summit; and more! Dive into 6 things that are top of mind...
Shift left: Still a Work in Progress
Experts say “shift left” practices are falling short. Here’s what you need to know and what you can do about it. Researchers are calling on companies to do a better job of educating developers about...
Microsoft’s November 2022 Patch Tuesday Addresses 62 CVEs (CVE-2022-41073)
Microsoft addresses 62 CVEs including four zero-day vulnerabilities that were exploited in the...