研究: Tenable、CISA の既知の悪用された脆弱性 (KEV) カタログに登録された脆弱性に最も迅速かつ広範囲に対応
Tenable ranked first in multiple vulnerability management categories, including the most comprehensive coverage and quickest detection of CISA's Known Exploited Vulnerabilities, according to a Miercom report commissioned by Tenable....
MrBeast 詐欺:YouTube や TikTok で偽のプレゼントを宣伝するためのなりすましにディープフェイクや認証済みアカウントが使用される
MrBeast, the most popular YouTube creator as of October 2023, has been impersonated in a variety of scams on YouTube and TikTok, including a recent deepfake promoting a free iPhone giveaway...
CISA、Bluetooth 経由で悪用可能な脆弱性を KEV カタログに追加
Updated Oct. 5: As of Oct. 4, 2023, CISA has removed the five Owl Labs vulnerabilities from KEV. CISA notes that it "is continually collaborating with partners across government and the private sector. As a result of this collaboration, CISA has concluded that there is insufficient evidence to keep ...
Tenable 主催の Capture the Flag 2023: 結果報告!
It's time to crown the winners of this year's Capture the Flag Event!...
Service Location Protocol (SLP) を使用して公開された管理インターフェイスを検索
Exposed management interfaces are valuable entry points for attackers. CISA による拘束力のある運用指令 23-02 では、インターネットからそれらを排除することを求めています。Here’s a novel approach for finding some of these elusive devices using SLP....
CVSSv4: セキュリティ専門家が知っておくべきこと
The latest revision of the industry standard for ranking vulnerabilities has some changes that practitioners will find useful. Here, we'll discuss them, as well as Tenable' plans to implement the scoring system in its products....
Gartner® レポートからエクスポージャー管理の詳細について学ぶ
Tenable では、DX 時代のアタックサーフェスを保護するためにサイバーエクスポージャー管理が必要であると考えています。 しかし、そう考えるのは私たちだけではありません。 Gartner のレポート「Predicts 2023: Enterprises Must Expand from Threat to Exposure Management” report is required reading for cybersecurity teams adopting an exposure management pro...
落とし穴に注意! NVD を待っていると組織は危険にさらされる
This is the first of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. We explore the impact of that gap on an organization’s cyber risk and discuss how Tenable can help....
落とし穴に注意! 既存の脆弱性フレームワークが組織を危険にさらす
This is the second of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we explore how common industry frameworks leave security teams with blind spots — and dis...
落とし穴に注意! 2022 年に公開された脆弱性の詳細
This is the third of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we take a closer look at the vulnerabilities disclosed in 2022 —and discuss how Tenable ca...
落とし穴に注意! 2022 年の注目すべき 8 件の CVE
This is the last of a four-part series examining the period of time between when a vulnerability is first discovered and when it is fully disclosed on the National Vulnerability Database. In this installment, we examine eight notable CVEs with significant gaps in disclosure timelines and discuss how...
業界を先導する Tenable の Security End-of-Life プラグインプログラム
Handling end-of-life conditions for software and hardware products is complicated by different stages and definitions. Tenable is leading the way on defining these disparate vulnerabilities under a comprehensive Security End of Life framework that addresses the common risk exposure to our customers....
