CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Vulnerability
January 23, 2024Proof-of-concept exploit details are available for a newly disclosed critical vulnerability in Fortra GoAnywhere Managed File Transfer (MFT), a product historically targeted by ransomware
CVE-2023-22527: Atlassian Confluence Data Center and Server Template Injection Exploited in the Wild
January 23, 2024In the wild exploitation has begun for a recently disclosed, critical severity flaw in Atlassian Confluence Data Center and Server
Level Up Your Cloud Security Strategy
January 22, 2024Learn how to better your cloud security program with these ten security resolutions.
Cybersecurity Snapshot: Critical Infrastructure Orgs Cautioned About Chinese Drones, While Water Plants Advised To Boost Incident Response
January 19, 2024Find out why Uncle Sam is warning critical infrastructure facilities about drones made in China, while urging water treatment plants to beef up incident response plans. Plus, the challenges stressing out CISOs are also opening new doors for them. In addition, the latest on the Androxgh0st malware. And much more!
Tap Into Your Inner Logs for Better Anomaly Detection and Incident Response
January 19, 2024Tenable Cloud Security enriches cloud activity log data to give you the context you need to quickly respond to and remediate cloud risks.
Tenable Cloud Security Now Supports the Generation of Pull Requests for Remediation Suggestions
January 18, 2024The new capability is designed to make it more efficient for security teams to pass remediation recommendations on to the infrastructure team to implement. Here’s how it works.
Oracle January 2024 Critical Patch Update Addresses 191 CVEs
January 17, 2024Oracle addresses 191 CVEs in its first quarterly update of 2024 with 389 patches, including 37 critical updates.
CVE-2023-6548, CVE-2023-6549: Zero-Day Vulnerabilities Exploited in Citrix NetScaler ADC and NetScaler Gateway
January 16, 2024Two zero-day vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway have been exploited in the wild. Urgent patching is required to address these flaws.
Beyond the Horizon: Top 5 Cloud Security Trends to Watch in 2024
January 16, 2024Generative AI will undoubtedly boost organizations’ cybersecurity capabilities. However, cybersecurity departments will reap few gains from generative AI without first enforcing solid cloud security principles. In this blog, we explain the top cloud security trends that organizations must track – and adapt to – this year in order to maintain a robust cloud security posture.
Cybersecurity Snapshot: How To Boost the Cybersecurity of AI Systems While Minimizing Risks
January 12, 2024Check out expert recommendations for deploying AI tools securely. Plus, the World Economic Forum ranks cyberattacks and AI misinformation among today’s top global risks. In addition, cyber insurance demand is forecast to grow robustly. And a warning about adversary-in-the-middle (AiTM) attacks and how to mitigate them. And much more!
CVE-2023-46805, CVE-2024-21887: Zero-Day Vulnerabilities Exploited in Ivanti Connect Secure and Policy Secure Gateways
January 10, 2024Two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure have been exploited in the wild, with at least one attack attributed to nation-state actors.
Microsoft’s January 2024 Patch Tuesday Addresses 48 CVEs (CVE-2024-20674)
January 9, 2024Microsoft addresses 48 CVEs in its January 2024 Patch Tuesday release with no zero-day or publicly disclosed vulnerabilities.