Clik here to view.
Five Core Principles for Hybrid Cloud Security
How to build a hybrid-cloud security strategy that is effective, scalable and affordable. Cloud sprawl has become a fact of life for most organizations. As organizations shift workloads from...
View ArticleClik here to view.
3CX Desktop App for Windows and macOS Reportedly Compromised in Supply Chain...
A softphone desktop application from 3CX, makers of a popular VoIP PBX solution used by over 600,000 organizations, has reportedly been trojanized as part of a supply chain attack. CVE-2023-29059 was...
View ArticleClik here to view.
Cybersecurity Snapshot: CISA Issues Incident Response Tool for Microsoft...
Learn about a free tool for detecting malicious activity in Microsoft cloud environments. Plus, Europol warns about ChatGPT cyber risks. Also, how business email compromise (BEC) scammers are stealing...
View ArticleClik here to view.
Tenable Cyber Watch: Help for MITRE ATT&CK Mapping, Why Organizations...
This week’s edition of the Tenable Cyber Watch unpacks CISA’s new ‘Decider” tool, which aims to streamline MITRE ATT&CK mapping. We also explore why organizations struggle with data protection of...
View ArticleClik here to view.
Cybersecurity Snapshot: ChatGPT Use Can Lead to Data Privacy Violations
Learn how businesses can run afoul of privacy laws with generative AI chatbots like ChatGPT. Plus, the job market for cyber analysts and engineers looks robust. Also, cybercrooks lost a major resource...
View ArticleClik here to view.
Tenable Cyber Watch: U.S. Government Mulls TikTok Ban, Europol Warns About...
This week’s edition of the Tenable Cyber Watch unpacks the U.S. government’s efforts to ban TikTok and addresses Europol’s concerns about ChatGPT cyber risks. Also covered: How CISA’s new...
View ArticleClik here to view.
TSA, FAA Requirements Emphasize Cybersecurity for Airport and Aircraft...
The TSA and FAA are making cybersecurity a priority for airport and aircraft operators and for airport terminal projects to prevent disruption and degradation to their infrastructure. Here's what you...
View ArticleClik here to view.
Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)
Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day7Critical90Important0Moderate0LowMicrosoft...
View ArticleClik here to view.
Agents vs. Agentless: Which Solution Is Right for Your Public Cloud Environment?
You can scan cloud systems for security problems in multiple ways depending on what your instances are running, how long they’re up and whether or not they can run an agent or be accessed with...
View ArticleClik here to view.
Cybersecurity Snapshot: As ChatGPT Concerns Mount, U.S. Govt Ponders...
As ChatGPT security worries rise, the Biden administration looks at crafting AI policy controls. Plus, Samsung reportedly limits ChatGPT use after employees fed it proprietary data. Also, how password...
View ArticleClik here to view.
Tenable Cyber Watch: FBI Warns of Sophisticated BEC Scam, NIST Unveils Its...
This week’s edition of the Tenable Cyber Watch unpacks the business email compromise scams (BEC) that are targeting vendors and explores NIST’s new AI Resource Center. Also covered: The most in-demand...
View ArticleClik here to view.
Announcing the 2023 Tenable Assure Partner Award Winners
Celebrating the elite defenders who are helping organizations around the world reduce their cyber risk.Securing the modern attack surface — with its complex mix of on-premises and cloud infrastructure,...
View ArticleClik here to view.
7 Regulatory and Compliance Frameworks with Broad Cloud Security Implications
Security teams responsible for enforcing regulatory and compliance mandates in a scalable and consistent way are often challenged to translate general legislative guidelines and controls into specific...
View ArticleClik here to view.
Oracle April 2023 Critical Patch Update Addresses 231 CVEs
Oracle April 2023 Critical Patch Update Addresses 231 CVEsOracle addresses 231 CVEs in its second quarterly update of 2023 with 433 patches, including 74 critical updates.BackgroundOn April 18, Oracle...
View ArticleClik here to view.
Cybersecurity Snapshot: The Latest on Supply Chain Security – SBOM...
Check out what CISA says about the sharing of software bills of materials. Plus, why you should tread carefully with open source components. Also, the SLSA supply chain security framework is ready. In...
View ArticleClik here to view.
CVE-2023-20864: VMware Aria Operations for Logs Deserialization Vulnerability
VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8.BackgroundOn April 20, VMware...
View ArticleClik here to view.
ETHOS: Bringing the OT Security Community Together for Threat Information...
Tenable participates in a first-of-its-kind initiative that will aggregate information from several operational technology (OT) security vendors to share emerging threat intelligence with critical...
View ArticleClik here to view.
Tenable Cyber Watch: Dark Web Marketplace Genesis Market Shut Down, How Using...
This week’s edition of the Tenable Cyber Watch unpacks the international sting operation that successfully shut down notorious cybercrime marketplace Genesis Market and explores how using ChatGPT can...
View ArticleClik here to view.
‘K’ is for ‘Komplex’: Key Kubernetes Considerations for Security Teams
The use of Kubernetes introduces complexity to the modern attack surface and requires a different approach to security than traditional IT infrastructure. Security teams need a base understanding of...
View ArticleClik here to view.
What Security Leaders Need to Know About Security End of Life: How Tenable is...
Handling end-of-life conditions for software and hardware products is complicated by different stages and definitions. Tenable is leading the way on defining these disparate vulnerabilities under a...
View Article