Clik here to view.
Cybersecurity Snapshot: Study Raises Open Source Security Red Flags, as Cyber...
Don’t miss the Linux Foundation’s deep dive into open source software security. Plus, cyber agencies warn about China-backed cyber espionage campaign targeting telecom data. Meanwhile, a study shows...
View ArticleClik here to view.
Data Security in Healthcare: How Tenable Cloud Security Can Help
Healthcare is one of the most highly regulated industry sectors in the world. Adhering to compliance standards while also ensuring optimal patient experiences is a challenge. DSPM capabilities in...
View ArticleClik here to view.
Microsoft’s December 2024 Patch Tuesday Addresses 70 CVEs (CVE-2024-49138)
16Critical54Important0Moderate0LowMicrosoft addresses 70 CVEs with 16 rated critical, including one zero-day that was exploited in the wild.Microsoft patched 70 CVEs in its December 2024 Patch Tuesday...
View ArticleClik here to view.
Microsoft Patch Tuesday 2024 Year in Review
Microsoft addressed over 1000 CVEs as part of Patch Tuesday releases in 2024, including 22 zero-day vulnerabilities.BackgroundMicrosoft’s Patch Tuesday, a monthly release of software patches for...
View ArticleClik here to view.
New CISA Hardening Guidance Provides Valuable Insights for Network Security...
Recent guidance from CISA and the FBI highlights best practices to monitor and harden network infrastructure. The guidance, published in response to high-profile attacks on telecom infrastructure, is...
View ArticleClik here to view.
Cybersecurity Snapshot: Telecoms May Face Tougher Regulations After Salt...
The FCC wants stronger cyber regulations for telecoms after cyber espionage breaches. Meanwhile, find out why cyber pros say work has become more difficult. Plus, check out tips to prevent AI-boosted...
View ArticleClik here to view.
Web App Scanning 101: What Security Pros Need to Know About CI/CD Pipelines
Git, repositories and pipelines…oh my! We unpack standard practices in the web app development process and provide guidance on how to use Tenable Web Application Scanning to secure your code.Awesome!...
View ArticleClik here to view.
Cybersecurity Snapshot: CISA Hands Down Cloud Security Directive, While...
Check out the new cloud security requirements for federal agencies. Plus, beware of North Korean government operatives posing as remote IT pros. Also, learn how water plants can protect their HMIs...
View ArticleClik here to view.
Cybersecurity Snapshot: What Looms on Cyberland’s Horizon? Here’s What...
Wondering what cybersecurity trends will have the most impact in 2025? Check out six predictions from Tenable experts about cyber issues that should be on your radar screen in the new year — including...
View ArticleClik here to view.
Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On
In December 2023, as cyberattacks surged, the U.S. Securities and Exchange Commission (SEC)began enforcing new cybersecurity disclosure rules. This pushed C-level executives and boards to adopt...
View ArticleClik here to view.
Choosing the Right CNAPP: Six Considerations for Mid-Sized Enterprises
Mid-sized enterprises increasingly find themselves in need of a CNAPP, as their cloud adoption matures. But how should they go about selecting the right one? What questions should they ask and what...
View ArticleClik here to view.
Cybersecurity Snapshot: After Telecom Hacks, CISA Offers Security Tips for...
Check out best practices for preventing mobile communications hacking. Plus, how the U.S. government can improve financial firms’ AI use. Meanwhile, the FBI warns about a campaign to hack vulnerable...
View ArticleClik here to view.
Tenable Chairman and CEO Amit Yoran Has Died
It is with profound sadness that we share the news of the passing of our beloved CEO Amit Yoran on January 3. Amit was not only a visionary leader but also a guiding force who profoundly impacted our...
View ArticleClik here to view.
CVE-2025-0282: Ivanti Connect Secure Zero-Day Vulnerability Exploited In The...
Ivanti disclosed two vulnerabilities in its Connect Secure, Policy Secure and Neurons for ZTA gateway devices, including one flaw that was exploited in the wild as a zero-day.Update January 9: The...
View ArticleClik here to view.
Microsoft’s January 2025 Patch Tuesday Addresses 157 CVEs (CVE-2025-21333,...
10Critical147Important0Moderate0LowMicrosoft addresses 157 CVEs in the first Patch Tuesday release of 2025 and the largest Patch Tuesday update ever with three CVEs exploited in the wild, and five CVEs...
View ArticleClik here to view.
CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability...
Fortinet patched a zero day authentication bypass vulnerability in FortiOS and FortiProxy that has been actively exploited in the wild as a zero-day since November 2024.BackgroundOn January 14,...
View ArticleClik here to view.
5 Things Government Agencies Need to Know About Zero Trust
Zero trust as a concept is simple to grasp. Implementing a zero trust architecture, on the other hand, is complex because it involves addressing a unique mix of process, procedure, technology and user...
View ArticleClik here to view.
New Cybersecurity Executive Order: What It Means for Federal Agencies
The Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity includes guidance on third-party risk management and the need to adopt proven security practices to gain...
View ArticleClik here to view.
Cybersecurity Snapshot: CISA Lists Security Features OT Products Should Have...
Shopping for OT systems? A new CISA guide outlines OT cyber features to look for. Meanwhile, the U.S. government publishes a playbook for collecting AI vulnerability data. Plus, a White House EO...
View ArticleClik here to view.
Oracle January 2025 Critical Patch Update Addresses 186 CVEs
Oracle addresses 186 CVEs in its first quarterly update of 2025 with 318 patches, including 30 critical updates.BackgroundOn January 21, Oracle released its Critical Patch Update (CPU) for January...
View Article