CISOs Tell All: Everything You’ve Ever Wanted To Know About CISOs in 2022
October 11, 2022You’ve got questions and they’ve got answers. A global survey provides a snapshot of what it’s like to sit in the CISO chair, as these cybersecurity leaders face increasingly sophisticated cyber threa...
Tenable.io: To control or not to control, that is the question
October 10, 2022For large deployments of Tenable, where Tenable.io is shared across geographical or business boundaries, you can leverage role-based access control (RBAC) to logically segment scan data or, where required, restrict access to its scan data. In this blog, we’ll explain the configuration required to implement RBAC successfully.
Top 20 CVEs Exploited by People's Republic of China State-Sponsored Actors (AA22-279A)
October 7, 2022CISA, the NSA and FBI issue a joint advisory detailing the top 20 vulnerabilities exploited by state-sponsored threat actors linked to the People’s Republic of China.
CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy
October 7, 2022Fortinet has patched a critical authentication bypass in its FortiOS and FortiProxy products that could lead to administrator access.
Cybersecurity Snapshot: 6 Things That Matter Right Now
October 7, 2022Topics that are top of mind for the week ending Oct. 7 | CISA puts spotlight on asset inventory and vulnerability management | Think tank does deep dive on IoT security | What’s the current state of cybersecurity? Not great | New malware cracks monthly top 10 list | And much more!
Public Network Access to Azure Resources Is Too Easy to Configure
October 6, 2022For some types of Microsoft Azure resources and subnets, it’s extremely easy to configure what is essentially public network access. We describe here some examples and how to reduce such risks.
Introducing the Tenable One Exposure Management Platform
October 4, 2022Anticipate likely attacks. Proactively reduce your exposure. Communicate with your key stakeholders.
Exposure Management: Reducing Risk in the Modern Attack Surface
October 4, 2022Cybersecurity organizations struggle with reactive and siloed security programs and with a sprawl of point tools that generate heaps of fragmented data but few insights. Here we explain why they need an exposure management platform that provides comprehensive visibility and allows them to anticipate threats, prioritize remediation and reduce risk.
CVE-2022-41040 and CVE-2022-41082: ProxyShell Variant Exploited in the Wild
September 30, 2022Microsoft has confirmed reports of two zero-day vulnerabilities in Microsoft Exchange Server that have been exploited in the wild. Patches are not yet available.
Cybersecurity Snapshot: 6 Things That Matter Right Now
September 30, 2022Topics that are top of mind for the week ending Sept. 30 | Are you ready for the quantum threat? | Tips for protecting critical infrastructure from cyberattacks | How to prevent MFA fatigue attacks | “FiGHT” to secure 5G networks | And much more!
Diving Deeply into IAM Policy Evaluation: Highlights from AWS re:Inforce IAM433
September 29, 2022One of the most talked-about sessions at AWS re:Inforce was IAM433, which discussed AWS IAM’s internal evaluation mechanisms.
The shift to integrated cybersecurity platforms: a growing trend among CISOs
September 27, 2022New ESG and ISSA study shows nearly half of organizations are shifting towards integrated cybersecurity platforms. Here’s why many CISOs are making the shift. Less complexity, more security. The...