CVE-2021-41773: Exploitation of Path Traversal Zero-Day Vulnerability in Apache HTTP Server Confirmed
The Apache HTTP Server Project patched a path traversal vulnerability introduced less than a month ago that has been exploited in the wild. Update October 7: The Solution section has been updated to reflect the secondary fix the Apache HTTP Server Project released. Background On October 5, the Apache H...
Taking IBM QRadar SIEM One Step Further with Tenable.ad
If you can't continuously monitor Active Directory, it's impossible to achieve full visibility into your evolving attack surface. Here's how combining Tenable.ad with IBM QRadar can help. It's no secret that CISOs are constantly challenged with new cyberthreats across an expanding attack surface. T...
Spotlight on Saudi Arabia: New Ways of Working Expand the Security Risks Targeted by Attackers
A new world of work has been adopted by Saudi Arabian organizations, with many planning to make hybrid and remote work models permanent. Here’s how these changes are increasing risk. The transition to cloud adoption and remote work practices, which were being cautiously adopted in Saudi Arabia prio...
Spotlight on India: Remote Work Expands Cybersecurity Risk
India's plans for hybrid work models in the next 12-24 months are outpacing the speed of security in India. Find out where organizations need to place their focus to secure the new world of work. The rapid deployment of new technologies to facilitate remote work heightened the level of risk for Ind...
Spotlight on Australia: Cyberattacks Increase Amid the Shift to Remote Work
Snap lockdowns are making remote work models a permanent feature — and leaving organisations more exposed to risk. Find out how the floodgates for cyberattacks have opened in Australia. As many Australians grapple with long stints of remote work due to snap lockdowns, it's looking more certai...
An Introduction to “Scan Everything”
A “scan everything” approach tests and triages every asset to understand your organization’s risk and how to reduce risk quickly and efficiently. ...
How to Get Your Boss to Understand Zero Trust
A recent Executive Order from the Biden Administration put zero trust architecture in the spotlight. When your top execs come asking about it, here's what you need to know. President Joseph R. Biden's May 12 Executive Order on Improving the Nation's Cybersecurity brought renewed interest in zero tr...
CVE-2021-38647 (OMIGOD): Critical Remote Code Execution Vulnerability in Azure Linux Virtual Machines
Agents installed by default on Azure Linux virtual machines are vulnerable to a remote code execution flaw that can be exploited with a single request. Background On September 14, researchers at Wiz disclosed a set of four vulnerabilities in Microsoft’s Open Management Infrastructure (OMI), an ope...
Tenable Signs Agreement to Acquire Accurics to Define Security as Code
Tenable has entered into an agreement to acquire Accurics. Learn more....
How to Get Your Board of Directors to Understand Zero Trust
Framing zero trust as a cybersecurity strategy for reducing business risk is a surefire way to get your executive leadership to take notice. It's no secret that CISOs and other cybersecurity leaders struggle to communicate with executive management and boards of directors in a language they can und...
How to Establish Cyber Resilience with Policy as Code
When it comes to cloud native architecture, the one constant we can count on is change. Complex systems need a comprehensive, proactive security approach, and that is where Policy as Code (PaC) comes into play. Policy as Code takes the policies that are most important to your organization, codifi...
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
Learn the importance of understanding the assignments of Azure resource roles when giving permissions....