Tenable ブログ
The developer credential economy: Why exposure data is the new front line in the supply chain war
CVE-2024-7593: Ivanti Virtual Traffic Manager における認証バイパスの脆弱性
Ivanti released a patch for a critical severity authentication bypass vulnerability and a warning that exploit code is publicly available
マイクロソフトの2024年8月月例更新プログラム、88 件の脆弱性に対処
Microsoft addresses 88 CVEs with seven critical vulnerabilities and 10 zero-day vulnerabilities, six of which were exploited in the wild.
マイクロソフトの AI ヘルスケア チャットボット サービスの侵害
Tenable Research が、サーバーサイドリクエストフォージェリ (SSRF) を介した Azure Health Bot Service 内における複数の権限昇格の問題を発見しました。この問題を悪用されると、テナント間リソースへのアクセスが可能であることがわかりました。
サイバーセキュリティニュース: 最新のレポートがクラウドの主要な脅威をランク付け、CISA ガイドがソフトウェア製品のセキュリティ評価に役立つ
The Cloud Security Alliance has released its list of top cloud threats for 2024. Plus, CISA and the FBI published a guide for determining if a software product was built ‘secure by design.’ Meanwhile, find out how AI can transform offensive security. And get the latest on the Royal ransomware gang,…
CVE-2024-20419: Cisco Smart Software Manager オンプレミスにおけるパスワード変更の脆弱性
Critical vulnerability in Cisco Smart Software Manager On-Prem exposes systems to unauthorized password changes, exploit code now available.BackgroundOn July 17, 2024, Cisco published an advisory for a critical vulnerability in Cisco’s Smart Software Manager On-Prem (SSM On-Prem)…
Windows 資産上の危険なサードパーティ製ドライバーの検出
Kernel-mode drivers are critical yet risky components of the Windows operating system. Learn about their functionality, the dangers they pose, and how Tenable's new plugins can help identify and mitigate vulnerabilities using community-driven resources like LOLDrivers.
AI アタックサーフェスのセキュリティ対策:よく理解されているものと未知なるものを区別する
There's a lot of confusion and unknowns regarding AI application risks, and a lot of vendors are trying to offer solutions to problems that aren't clearly defined. In this blog we explain why a smart approach is to start by focusing on basic, foundational cyber hygiene, adopt well-established best…
AI への露出のリスク
As AI usage becomes more prevalent in organizations globally, security teams must get full visibility into these applications. 環境内の AI アプリケーションの包括的なインベントリを構築することが最初のステップです。Read on to learn what we found about AI application-usage in the real world when…
セキュリティ第一のアプローチ: ユーザー(AI も含む)の入力を決して信用しない
As AI transforms industries, security remains critical. Discover the importance of a security-first approach in AI development, the risks of open-source tools, and how Tenable's solutions can help protect your systems.
