Tenable ブログ
ブログ通知を受信するオラクル、2021 年 7 月のクリティカルパッチアップデートで 231 件の脆弱性を修正
基礎に焦点を当てる: ランサムウェアから身を守るための 6 つのステップ
Ransomware is the monetization of poor cyber hygiene. Here are 6 steps you can take to improve your security defenses. Ransomware attacks have become a boardroom issue for nearly every organization. I...
企業のサイバーセキュリティ対策: 効果の測定に役立つ 5 つの質問
When it comes to measuring the efficacy of your security efforts, understanding how your program stacks up against peers can reveal where key improvements or investments are needed. Proving success i...
重要インフラの進化はサイバーセキュリティなしではできない
Will bipartisan legislation in the U.S. make securing IT and operational technology a priority? U.S. lawmakers have an unprecedented opportunity to vastly improve the cybersecurity posture of the nati...
CVE-2021-35211: SolarWinds Serv-U ファイル転送のゼロデイ脆弱性が実攻撃に悪用されている
Following a patch for a zero-day vulnerability in SolarWinds’ Serv-U Managed File Transfer, researchers share new details about the attacks, as over 8,000 systems remain publicly accessible and potent...
謳い文句に頼らない: ニーズに合った脆弱性評価ツールを選択するには
Not all scanning solutions are created equal… The vulnerability assessment market has changed dramatically over the past several years. A growing number of vendors who once provided scan tools that me...
マイクロソフトの 2021 年 7 月の月例セキュリティ更新プログラムが CVE 116 件に対応 (CVE-2021-31979, CVE-2021-33771)
Microsoft highlights 116 CVEs including two which were addressed by April patches. 12Critical 103Important 1Moderate 0Low Microsoft patched 116 CVEs in the July 2021 Patch Tuesday release,...
産業制御システム内のゼロデイ脆弱性: 重要インフラのセキュリティ確保の難しさを浮き彫りに
The disclosure of zero day vulnerabilities in several Schneider Electric industrial control systems highlights the need to revamp cybersecurity practices in operational technology environments. A zer...
脆弱性を超えてアタックサーフェスと取り組む
A good understanding of the attack surface is of prime importance in measuring and prioritizing risk. Here's how Tenable's data can allow security professionals to have a more realistic view of their...
CVE-2021-34527: Microsoft、Windows のプリントスプーラーの PrintNightmare 脆弱性対応の緊急パッチ公開
Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts Update July...
CVE-2021-30116: Kaseya VSA 内の複数のゼロデイが REvil ランサムウェアの拡散に悪用されている
Zero-day vulnerabilities in popular remote monitoring and management software targeted by threat actors to distribute ransomware to reportedly over one million systems. Update July 22, 2021: Kaseya sa...
脆弱性の検出から修正まで: Tenable + HCL BigFix を役立てる方法
Reducing the time required to move from vulnerability assessment to remediation is a never ending challenge for most organizations. Here's how the integration between Tenable and HCL BigFix can help y...
CVE-2021-1675: 漏洩 - Windows のプリントスプーラーの重大な脆弱性の PoC
Researchers published and deleted proof-of-concept code for a remote code execution vulnerability in Windows Print Spooler, called PrintNightmare, though the PoC is likely still available. Update July...
