Oracle April 2023 Critical Patch Update Addresses 231 CVEsApril 19, 2023
Oracle April 2023 Critical Patch Update Addresses 231 CVEs Oracle addresses 231 CVEs in its second quarterly update of 2023 with 433 patches, including 74 critical updates. Background On ...
7 Regulatory and Compliance Frameworks with Broad Cloud Security ImplicationsApril 19, 2023
Security teams responsible for enforcing regulatory and compliance mandates in a scalable and consistent way are often challenged to translate general legislative guidelines and controls into specific policies, tools and processes.
Announcing the 2023 Tenable Assure Partner Award WinnersApril 17, 2023
Celebrating the elite defenders who are helping organizations around the world reduce their cyber risk.
Tenable Cyber Watch: FBI Warns of Sophisticated BEC Scam, NIST Unveils Its New AI Resource Center, and moreApril 17, 2023
This week’s edition of the Tenable Cyber Watch unpacks the business email compromise scams (BEC) that are targeting vendors and explores NIST’s new AI Resource Center. Also covered: The most in-demand cybersecurity jobs for this year according to COMPTIA’s “State of the Tech Workforce Report” for 2023.
Cybersecurity Snapshot: As ChatGPT Concerns Mount, U.S. Govt Ponders Artificial Intelligence RegulationsApril 14, 2023
As ChatGPT security worries rise, the Biden administration looks at crafting AI policy controls. Plus, Samsung reportedly limits ChatGPT use after employees fed it proprietary data. Also, how password mis-management lets ex-staffers access employer accounts. In addition, the top identity and access management elements to monitor. And much more!
Agents vs. Agentless: Which Solution Is Right for Your Public Cloud Environment?April 12, 2023
You can scan cloud systems for security problems in multiple ways depending on what your instances are running, how long they’re up and whether or not they can run an agent or be accessed with administrative credentials. Network scanning, installed agents, or public cloud APIs can all report findings, but there are tradeoffs. In a recent episode of the Tenable Cloud Security Coffee Break series, we talked about each approach, the appropriate use cases and how Tenable Cloud Security can help.
Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)April 11, 2023
Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252) Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day 7Critical 90Important 0Moderat...
TSA, FAA Requirements Emphasize Cybersecurity for Airport and Aircraft Operators and Airport Terminal Projects: How Tenable Can HelpApril 11, 2023
The TSA and FAA are making cybersecurity a priority for airport and aircraft operators and for airport terminal projects to prevent disruption and degradation to their infrastructure. Here's what you need to know — and how Tenable can help.
Tenable Cyber Watch: U.S. Government Mulls TikTok Ban, Europol Warns About ChatGPT Cyber Risks, and moreApril 10, 2023
This week’s edition of the Tenable Cyber Watch unpacks the U.S. government’s efforts to ban TikTok and addresses Europol’s concerns about ChatGPT cyber risks. Also covered: How CISA’s new pre-ransomware alert initiative could be a gamechanger for would-be ransomware victims.
Cybersecurity Snapshot: ChatGPT Use Can Lead to Data Privacy ViolationsApril 7, 2023
Learn how businesses can run afoul of privacy laws with generative AI chatbots like ChatGPT. Plus, the job market for cyber analysts and engineers looks robust. Also, cybercrooks lost a major resource with the Genesis Market shutdown. In addition, the six common mistakes cyber teams make. And much more!
Tenable Cyber Watch: Help for MITRE ATT&CK Mapping, Why Organizations Struggle with SaaS Data Protection, and moreApril 3, 2023
This week’s edition of the Tenable Cyber Watch unpacks CISA’s new ‘Decider” tool, which aims to streamline MITRE ATT&CK mapping. We also explore why organizations struggle with data protection of software as a service apps. Also covered: Why cyber pros think cloud creates opportunities for cyber teams to significantly improve security.
Cybersecurity Snapshot: CISA Issues Incident Response Tool for Microsoft Cloud ServicesMarch 31, 2023
Learn about a free tool for detecting malicious activity in Microsoft cloud environments. Plus, Europol warns about ChatGPT cyber risks. Also, how business email compromise (BEC) scammers are stealing merchandise. In addition, CISA alerts orgs about early-stage ransomware breaches. And much more!