Tenable ブログ
Tenable、GSA OneGov と連携して連邦政府のクラウドセキュリティ強化を支援
Kubernetes Persistent Volumes を保護する際に留意すべき点
To many, Kubernetes is a black box that’s difficult to understand, manage and secure. If you’re using stateful persistent volumes – cloud resources that live and manage data outside the scope of your pods – it can be even darker.
リングイスティックランバージャック:ログエンドポイントを介したクラウドサービスの攻撃(Fluent Bit-CVE-2024-4323)
Tenable Research has discovered a critical memory corruption vulnerability dubbed Linguistic Lumberjack in Fluent Bit, a core component in the monitoring infrastructure of many cloud services.
サイバーセキュリティニュース: CISA が医療機関にブラックバスタについて警告、Tenable の調査によりクラウド環境の侵害が蔓延していることが判明
Find out why healthcare organizations must beware of the Black Basta ransomware group. Meanwhile, a Tenable study found that 95% of surveyed organizations suffered a cloud-related breach, and offers insights for boosting cloud security. Plus, a Cloud Security Alliance report delves into how AI…
Kinsing マルウェアはマニュアルページとして侵入し、クラウドサーバーを標的にする
Tenable Cloud Security Research Team has recently discovered that Kinsing malware, known for targeting Linux-based cloud infrastructures, exploits Apache Tomcat servers with new advanced stealth techniques. Explore our analysis and the indicators of compromise in this report.
マイクロソフトの 2024 年 5 月月例セキュリティ更新プログラム: 59 件の CVE に対処 (CVE-2024-30051、CVE-2024-30040)
Microsoft addresses 59 CVEs in its May 2024 Patch Tuesday release with one critical vulnerability and three zero-day vulnerabilities, two of which were exploited in the wild.
Tenable のクラウドセキュリティ調査の驚くべき結果: 調査対象組織の 95% が 18 か月間にわたってクラウド環境における侵害の被害を受けていた
「Tenable 2024 年クラウドセキュリティの展望」の調査結果は、先行的で堅牢なクラウドセキュリティが必要であることを明確に示しています。 Read on to learn more about the study’s findings, including the main challenges cloud security teams face, their strategies for better protecting their cloud…
パラダイムシフト: サイバー保険業界が予防的なセキュリティに注力すべき理由
As claims and losses climb, it’s clear that preventive security should be prioritized more when designing a cyber insurance policy. Here’s why preventive security investments are cost effective and can lead to lower premiums.
サイバーセキュリティニュース: 「ファイブアイズ」の新しいガイドがセキュリティ・バイ・デザインを説明、NIST が GenAI リスク フレームワークを公開
Is the software your company wants to buy securely designed? A new guide outlines how you can find out. Meanwhile, a new NIST framework can help you assess your GenAI systems’ risks. Plus, a survey shows a big disconnect between AI usage (high) and AI governance (low). And MITRE’s breach post…
CVE-2024-21793、CVE-2024-26026: F5 の「BIG-IP Next Central Manager」の脆弱性をエクスプロイトする概念実証がリリース
Researchers disclose multiple vulnerabilities in F5 BIG-IP Next Central Manager and provide proof-of-concept exploit code, which could lead to exposure of hashed passwords.
営業チームに問い合わせる