CVE-2022-26134: Atlassian Confluence Server と Data Center のゼロデイ脆弱性の悪用が確認される
2022/6/3A critical vulnerability in Atlassian Confluence Server and Data Center has been exploited in the wild by multiple threat actors. Organizations should review and implement mitigation guidance until a patch becomes available.
重要インフラのサイバーセキュリティ強化に向けて CISO、規制当局、ベンダー、市民ができること
2022/6/1A year after the ransomware attack against the Colonial Pipeline, what can we do to further harden the IT and OT systems of power plants, fuel pipelines, water treatment plants and similar facilities?
CVE-2022-30190: マイクロソフト サポート診断ツール (MSDT) のゼロデイ・ゼロクリック脆弱性の悪用が確認される
2022/5/31Microsoft confirms remote code execution vulnerability in Microsoft Windows Support Diagnostic Tool that has been exploited in the wild since at least April.
Twitter の暗号通貨詐欺:Bored Ape Yacht Club、Azuki、その他のプロジェクトが NFT や暗号通貨を盗むために偽装される
2022/5/26詐欺師が認証済みおよび未認証のアカウントを使用して、 Bored Ape Yacht Club などの注目を集めている NFT プロジェクトになりすまし、Twitter ユーザーにタグを付けてフィッシング詐欺ウェブサイトに誘導しています。
eコマースの顧客の個人情報のセキュリティを強化
2022/5/25We were recently informed by Kulkan Security of a design flaw in our third-party ecommerce fulfillment system, cleverbridge, that could have potentially allowed customers to accidentally disclose thei...
州政府および地方自治体がサイバー攻撃に対する防御を強化するには
2022/5/24Cybersecurity leaders of U.S. cities and states must protect their systems and data from nation-state attackers, including Russian hackers.
SOC を Identity-Aware にして効率化する方法
2022/5/23While an attacker only needs to be right once, security teams must be right every time. That's why it's critical for SOC teams to stop ransomware attackers from exploiting AD weaknesses.
シフトレフトするための実践的なステップ
2022/5/23Learn how you can adopt a shift left approach that boosts the security of your software releases by helping DevOps teams detect and fix vulnerabilities and misconfigurations early in your software development lifecycle.
コロニアルパイプライン事件から 1 年後の OT セキュリティの現状
2022/5/19During a recent podcast, Tenable's VP of Operational Technology Marty Edwards discussed the cyber threats faced by critical infrastructure providers and the importance of OT security, topics he'll add...
CVE-2022-22972: VMware、Workspace ONE Access における追加の脆弱性にパッチを適用 (VMSA-2022-0014)
2022/5/22Organizations and government agencies are strongly advised to patch two newly disclosed vulnerabilities in VMware products, following warnings from VMware and the Cybersecurity and Infrastructure Security Agency.
開発チームと運用チーム間のコミュニケーションを促進するためにセキュリティリーダーができること
2022/5/17Developers, Ops and DevOps teams must incorporate security into their processes – often a hard sell. Here’s how security leaders can successfully align with them to weave security into their tools and workflows.
Nessus に統合された Terrascan でクラウドインフラストラクチャのセキュリティを強化
2022/5/17The addition of Terrascan to the Nessus family of products helps users better secure cloud native infrastructure by identifying misconfigurations, security weaknesses, and policy violations by scanning Infrastructure as Code repositories.