Tenable ブログ
CVE-2025-25256: Proof of Concept Released for Critical Fortinet FortiSIEM Command Injection Vulnerability
How to Remediate Risk to Critical OT/IoT Systems without Disrupting Operations
Find out how adopting a proactive approach to secure your operational environments can help you reduce risk and eliminate downtime....
マイクロソフトの 2025 年 8 月月例更新プログラム、107 件の脆弱性を修正 (CVE-2025-53779)
Microsoft addresses 107 CVEs, including one zero-day vulnerability that was publicly disclosed....
脆弱性から可視性へ: SharePoint に対する攻撃により明らかにされた積極的なサイバーセキュリティ対策の必要性
The recent exploitation of Microsoft SharePoint vulnerabilities highlights a critical gap in traditional, reactive cybersecurity strategies. Learn how a proactive exposure management approach empowers federal agencies to reduce risk, streamline operations and stay secure....
予期せぬ侵害: 見えないリスクの組み合わせが組織を危険にさらしている
Most breaches don’t happen because of one glaring issue. They happen when multiple, seemingly low-risk factors silently combine. Learn how invisible risk combinations evade siloed security tools and how an exposure management program gives defenders the context they need to stop attacks before they ...
Tenable が GPT-5 を「脱獄」し、OpenAI の新しいセキュリティ技術にもかかわらず危険な情報を生成
Within just 24 hours of the release of OpenAI’s GPT-5, Tenable Research successfully managed to jailbreak the model by getting it to share detailed instructions for how to build an explosive. Our finding is concerning, given that OpenAI described GPT-5's prompt safety technology as significantly mor...
Tenable のセキュリティチーム、エクスポージャー管理により数千件のアラートから数件のチケットへ
毎週月曜日、Tenable のサイバーエクスポージャー管理アカデミーでは、脆弱性管理からサイバーエクスポージャー管理への移行に必要な、実用的で現実的なガイダンスを提供しています。 In this post, Tenable CSO Robert Huber shares how he and his team have guided the company to unified exposure management. ...
サイバーセキュリティニュース: CISA が SharePoint に対する攻撃で使用されたマルウェアを分析、英国がサイバー評価フレームワークを強化
Check out what CISA found after it dissected malware from the latest SharePoint hacks. Plus, the U.K.’s cyber agency is overhauling its cyber framework to keep pace as threats escalate. In addition, CISA is sounding the alarm on a high-severity vulnerability impacting hybrid Exchange environments. A...
CVE-2025-53786: Microsoft Exchange Server ハイブリッド展開における特権昇格の脆弱性に関するよくある質問
Frequently asked questions about CVE-2025-53786, an elevation of privilege vulnerability affecting Microsoft Exchange Server Hybrid Deployments....
Tenable、2025 年 IDC MarketScape にて CNAPP における主要プレイヤーとして評価される
"With a strong focus on CNAPP through Tenable Cloud Security and exposure management with Tenable One, Tenable provides visibility and control over hybrid attack surfaces, including on-premises, cloud, and hybrid environments,” according to the report....
