サイバーセキュリティニュース: 初の量子耐性暗号アルゴリズムが利用可能、新たな AI リスク データベースが公開
NIST has released the first encryption algorithms that can protect data against quantum attacks. Plus, MIT launched a new database of AI risks. Meanwhile, the CSA published a paper outlining the unique risks involved in building systems that use LLMs. And get the latest on Q2’s most prevalent malwar...
CVE-2024-7593: Ivanti Virtual Traffic Manager における認証バイパスの脆弱性
Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available...
マイクロソフトの2024年8月月例更新プログラム、88 件の脆弱性に対処
Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild....
マイクロソフトの AI ヘルスケア チャットボット サービスの侵害
Tenable Research discovered multiple privilege-escalation issues in the Azure Health Bot Service via a server-side request forgery (SSRF), which allowed researchers access to cross-tenant resources....
サイバーセキュリティニュース: 最新のレポートがクラウドの主要な脅威をランク付け、CISA ガイドがソフトウェア製品のセキュリティ評価に役立つ
The Cloud Security Alliance has released its list of top cloud threats for 2024. Plus, CISA and the FBI published a guide for determining if a software product was built ‘secure by design.’ Meanwhile, find out how AI can transform offensive security. And get the latest on the Royal ransomware gang, ...
CVE-2024-20419: Cisco Smart Software Manager オンプレミスにおけるパスワード変更の脆弱性
Critical vulnerability in Cisco Smart Software Manager On-Prem exposes systems to unauthorized password changes, exploit code now available.BackgroundOn July 17, 2024, Cisco published an advisory for a critical vulnerability in Cisco’s Smart Software Manager On-Prem (SSM On-Prem):CVEDescriptionCVSSv...
Windows 資産上の危険なサードパーティ製ドライバーの検出
Kernel-mode drivers are critical yet risky components of the Windows operating system. Learn about their functionality, the dangers they pose, and how Tenable's new plugins can help identify and mitigate vulnerabilities using community-driven resources like LOLDrivers....
AI アタックサーフェスのセキュリティ対策:よく理解されているものと未知なるものを区別する
There's a lot of confusion and unknowns regarding AI application risks, and a lot of vendors are trying to offer solutions to problems that aren't clearly defined. In this blog we explain why a smart approach is to start by focusing on basic, foundational cyber hygiene, adopt well-established best p...
AI への露出のリスク
As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. 環境内の AI アプリケーションの包括的なインベントリを構築することが最初のステップです。Read on to learn what we found about AI application-usage in the real world when w...
セキュリティ第一のアプローチ: ユーザー(AI も含む)の入力を決して信用しない
As AI transforms industries, security remains critical. Discover the importance of a security-first approach in AI development, the risks of open-source tools, and how Tenable's solutions can help protect your systems....
サイバーエクスポージャを阻止する新しい Tenable ブランドのご紹介
At Tenable, our mission is to manage and reduce cyber risk, because cyber risk is business risk. Feedback from dozens of top CISOs is reflected in our latest brand evolution. Tenable is the exposure management company that helps customers know where their weaknesses lie, expose their risk and close ...
データを行動に変える:インテリジェンス主導の脆弱性管理
脆弱性管理チームでは、コンテキストを踏まえた脆弱性の優先順位付けが常に課題となっています。公開される CVE が増えていくにつれて、この作業が簡単になることはありません。To remedy this, many enterprises are forced to invest in products and services to protect their environments with various ...