Tenable ブログ
サイバーセキュリティニュース: 攻撃された SharePoint の脆弱性に緊急パッチがリリース、米国政府が AI 行動計画を発表
DeepSeek ディープダイブ パート 1: キーロガーやランサムウェアなどのマルウェアの作成
Tenable Research examines DeepSeek R1 and its capability to develop malware, such as a keylogger and ransomware. We found it provides a useful starting point, but requires additional prompting and debugging....
マイクロソフト 2025 年 3 月月例セキュリティ更新プログラム、56 件の CVE を修正 (CVE-2025-26633、CVE-2025-24983、CVE-2025-24993)
Microsoft addresses 56 CVEs, including seven zero-day flaws, with six of those being exploited in the wild....
サイバーセキュリティニュース: CSA がデータセキュリティの課題とベストプラクティスを概説、ISACA が IT 専門家の維持に関するヒントを提供
Check out best practices for shoring up data security and reducing cyber risk. Plus, get tips on how to improve job satisfaction among tech staff. Meanwhile, find out why Congress wants federal contractors to adopt vulnerability disclosure programs. And get the latest on cyber scams; zero-day vulner...
CVE-2025-22224、CVE-2025-22225、CVE-2025-22226: VMware ESXi、Workstation、Fusion のゼロデイ脆弱性が悪用される
Broadcom published an advisory for three flaws in several VMware products that were exploited in the wild as zero-days. Organizations are advised to apply the available patches....
Azure カスタムロールの作成:「NotActions」を「Action」にする
Creating custom Roles in Azure can be a complex process that may yield long and unwieldy Role definitions that are difficult to manage. However, it doesn’t have to be that way. Read on to learn how you can simplify this process using the Azure “NotActions” and “NotDataActions” attributes, and create...
サイバーセキュリティニュース: OpenSSF がオープンソース プロジェクトを保護するためのフレームワークを発表、IT-ISAC によると AI がランサムウェアのステルス性を高める
Check out a new framework for better securing open source projects. Plus, learn how AI is making ransomware harder to detect and mitigate. In addition, find out the responsible AI challenges orgs face today. And get the latest on AI tool sprawl; ransomware trends; and much more!...
高度な OT 脅威対策にはアイデンティティ セキュリティが必要
Sophisticated OT threats, like living-off-the-land (LotL) attacks, exploit identity vulnerabilities to infiltrate critical infrastructure. Find out how robust identity security and unified exposure management can help you detect, prioritize and mitigate risks across IT and OT environments....
アイデンティティベースのサイバー攻撃を防御するにはプロアクティブなセキュリティ対策を重視する
Protecting identities has become a top priority for security teams. However, many organizations remain exposed due to blind spots caused by identity sprawl and misplaced trust in identity providers. This blog explores why traditional security measures fall short, how AI-driven attackers are escalati...
サイバーセキュリティニュース: CISA、Ghost ランサムウェアグループが既知の脆弱性を狙うと警告、調査によると多くのサイバーセキュリティ専門家が転職を希望している
Check out mitigation recommendations to protect your organization against the Ghost ransomware gang. Plus, get tips on how to attract and retain top cybersecurity professionals. And learn the latest on the most prevalent malware; CIS Benchmarks; an AI security hackathon; and much more!...