FlowFixation: AWS Apache Airflow サービスが乗っ取られる脆弱性とガードレールの無視が大手 CSP をリスクにさらす
Tenable Research discovered a one-click account takeover vulnerability in the AWS Managed Workflows Apache Airflow service that could have allowed full takeover of a victim’s web management panel of the Airflow instance. The discovery of this now-resolved vulnerability reveals a broader problem of m...
IDC で、Tenable が世界のデバイス脆弱性管理市場シェアで 5 年連続第 1 位にランクイン
The research firm’s latest report also provides market insights that security professionals can use to improve their vulnerability management strategy....
豚殺し詐欺: Tinder、TikTok、WhatsApp、Telegram などを悪用した長期詐欺が数億ドルを盗取
本稿は、豚殺し詐欺を解説した 2 部構成のブログの第 1 部です。世界で何万人もの人に被害を与え、数億ドルの損失が生じた犯罪について解説し、This blog highlights the who and the how of Pig butchering scams, and details the Pig butchering playboo...
豚殺し詐欺: ビットコイン、イーサリアム、ライトコイン、金スポット (XAUUSD) 投資が恋愛詐欺に悪用されて数億ドルの被害に
本稿は、2022 年末から 2024 年初旬まで実施した豚殺し詐欺の直接調査の内容を 2 部構成で解説するブログの第 2 部です。In this post, we delve into the types of investment scams perpetrated by pig butchers to steal hundreds of millions of dollars from victims, including in the form ...
Edulog ポータルの脆弱性により幼稚園生から高校生の位置情報データが流出
Tenable Research discovered security flaws in a popular transportation management app that allowed access to student location data. While these issues have been fixed, the findings again prove the importance of strong authentication and access control....
認証スキャンで脆弱性スキャンの価値を最大化
Want to get a lot more value out of your vulnerability scans? Start doing authenticated scanning...
険しい道を突き進む: 日本における予防的なセキュリティに関する人員・プロセス・テクノロジーの課題の克服
Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Japanese organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable....
ApatchMe - Amazon Web Services (AWS) および Google Cloud Platform (GCP) の Apache Airflow サービスにおける認証後の保存された XSS の脆弱性
Unpatched Apache Airflow instances used in Amazon Web Services (AWS) and Google Cloud Platform (GCP) allow an exploitable stored XSS through the task instance details page....
インドの組織が予防的サイバーセキュリティを実践できない原因
Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Indian organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable....
人材、プロセス、テクノロジーの課題がオーストラリアの予防的サイバーセキュリティ妨げとなっている
Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your Australian organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable....
人材、プロセス、テクノロジーの課題がアジア太平洋地域の予防型サイバーセキュリティの妨げとなっている
Uncover the obstacles hindering preventive cybersecurity and ways to build cyber resilience for your APAC organisation in a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable....
人材不足、プロセス、テクノロジーの課題がサイバーセキュリティチームに悪影響を及ぼす
In a commissioned study conducted in 2023 by Forrester Consulting on behalf of Tenable, we set out to understand the real-world challenges standing in the way of effective risk-reduction practices. Here’s what we learned. ...
