CVE-2024-7593: Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
August 14, 2024
マイクロソフトの2024年8月月例更新プログラム、88 件の脆弱性に対処
2024/8/13Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
マイクロソフトの AI ヘルスケア チャットボット サービスの侵害
2024/8/13Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources.
サイバーセキュリティニュース: 最新のレポートがクラウドの主要な脅威をランク付け、CISA ガイドがソフトウェア製品のセキュリティ評価に役立つ
2024/8/9The Cloud Security Alliance has released its list of top cloud threats for 2024. Plus, CISA and the FBI published a guide for determining if a software product was built ‘secure by design.’ Meanwhile, find out how AI can transform offensive security. And get the latest on the Royal ransomware gang, the CIS Benchmarks and TikTok’s legal troubles!
CVE-2024-20419: Cisco Smart Software Manager オンプレミスにおけるパスワード変更の脆弱性
2024/8/9Critical vulnerability in Cisco Smart Software Manager On-Prem exposes systems to unauthorized password changes, exploit code now available.BackgroundOn July 17, 2024, Cisco published an advisory for ...
Windows 資産上の危険なサードパーティ製ドライバーの検出
2024/8/7Kernel-mode drivers are critical yet risky components of the Windows operating system. Learn about their functionality, the dangers they pose, and how Tenable's new plugins can help identify and mitigate vulnerabilities using community-driven resources like LOLDrivers.
AI アタックサーフェスのセキュリティ対策:よく理解されているものと未知なるものを区別する
2024/8/7There's a lot of confusion and unknowns regarding AI application risks, and a lot of vendors are trying to offer solutions to problems that aren't clearly defined. In this blog we explain why a smart approach is to start by focusing on basic, foundational cyber hygiene, adopt well-established best practices and enforce common-sense usage policies.
AI への露出のリスク
2024/8/6As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. Building a comprehensive inventory of AI applications in your environment is a first step. Read on to learn what we found about AI application-usage in the real world when we analyzed anonymized telemetry data from scans using Tenable’s products.
セキュリティ第一のアプローチ: ユーザー(AI も含む)の入力を決して信用しない
2024/8/6As AI transforms industries, security remains critical. Discover the importance of a security-first approach in AI development, the risks of open-source tools, and how Tenable's solutions can help protect your systems.
サイバーエクスポージャを阻止する新しい Tenable ブランドのご紹介
2024/8/5At Tenable, our mission is to manage and reduce cyber risk, because cyber risk is business risk. Feedback from dozens of top CISOs is reflected in our latest brand evolution. Tenable is the exposure management company that helps customers know where their weaknesses lie, expose their risk and close the gaps. Welcome to Tenable. Your exposure ends here.
データを行動に変える:インテリジェンス主導の脆弱性管理
2024/8/5脆弱性管理チームでは、コンテキストを踏まえた脆弱性の優先順位付けが常に課題となっています。公開される CVE が増えていくにつれて、この作業が簡単になることはありません。多くの企業は、この状況を改善するために、さまざまなインテリジェンスデータとツールを活用した環境保護製品とサービスに投資せざるを得なくなっています。このブログ記事では、Tenable の Vulnerability Intelligence と Exposure Response が、どのように組織におけるデータに基づいた意思決定を支援し、プログラムの優先順位付けと運用を改善できるのかを説明します。
サイバーセキュリティニュース: 調査レポートによるとランサムウェア攻撃は減少、データ漏洩のコストは上昇している
2024/8/2IBM’s latest “Cost of a Data Breach Report” finds these data-theft incidents getting more expensive. Plus, the IT-ISAC says that ransomware attacks fell in Q2 due to law-enforcement disruptions of ransomware groups. Meanwhile, check out a Carnegie Mellon comp sci professor’s take on AI system security. And Tenable’s headed to Black Hat – visit our booth! そのほか豊富な内容も掲載しています。
FedRAMP の認可を近日中に取得する Tenable Cloud Security が連邦政府機関のクラウド課題解決を支援
July 31, 2024As federal agencies adopt a cloud-first policy, they face unique challenges in securing cloud infrastructure. Learn how Tenable Cloud Security, which is now FedRAMP "In Process," can help.
