Blogs Tenable
How Tenable Research Discovered a Critical Remote Code Execution Vulnerability on Anthropic MCP Inspector
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
Learn the importance of understanding the assignments of Azure resource roles when giving permissions....
Unpacking the U.S. National Security Memorandum on Improving Cybersecurity for Critical Infrastructure
Recent activity from the Biden Administration represents a watershed moment in the establishment of baseline standards for preparing, mitigating and responding to attacks that impact the critical infrastructure we all rely on. On July 28, the Biden Administration issued the National Security Memora...
The AWS Shared Responsibility Model: Everything You Need to Know
What the shared responsibility model means, its many challenges & how to protect your cloud infrastructure....
How Risk-based Vulnerability Management Can Help Address the Most Commonly Exploited Vulnerabilities Today
Tenable's analysis of the 29 vulnerabilities highlighted in a recent CISA alert reveals key differences between CVSS and our Vulnerability Priority Rating.Attackers continue to exploit known and prevalent vulnerabilities. Last year, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) an...
Se concentrer sur l'essentiel : 6 étapes pour se défendre contre les ransomwares
Les ransomwares sont la monétisation d'une mauvaise cyber-hygiène. Voici six étapes qui vous permettront d'améliorer vos défenses en matière de sécurité.Les attaques de ransomware sont devenues la bête noire de la direction de presque toutes les organisations. In 2020 alone, there were more than 300 million ransomware attacks recorded, an increase of more t...
AWS Resource Provisioning with Attribute Based Access Control (ABAC): ce qu'il faut savoir
ABAC offers highly dynamic control of the actions that principals can perform on resources, however there are some things you need to pay attention to when using ABAC in order to avoid unnecessary security gaps....
CVE-2021-34527 : Microsoft Releases Out-of-Band Patch for PrintNightmare Vulnerability in Windows Print Spooler
Microsoft issues an out-of-band patch for critical ‘PrintNightmare’ vulnerability following reports of in-the-wild exploitation and publication of multiple proof-of-concept exploit scripts Update July 9, 2021: The Solution section has been updated to clarify the vulnerable configurations as well as...
The Importance of Identity and Access Management (IAM) in Cloud Infrastructure
How to manage human and service identities, and their entitlements, to secure your cloud infrastructure....
Elon Musk and YouTube Advertising Scams: Fake SpaceX “Coin” Promoted in Ads During Cryptocurrency Videos
Scammers are on pace to steal nearly $1 million USD from unsuspecting users through a popular decentralized finance protocol, Uniswap, by abusing YouTube to promote a fake SpaceX coin as part of ads appearing before and during cryptocurrency videos.BackgroundIn early May, scammers compromised Twitte...