Blogs Tenable
Identity-First Security: Mitigating the Cloud’s Greatest Risk Vector
Shoring Up Water Security: Industry Leaders Testify Before Congress
The House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection recently brought together industry leaders and stakeholders to discuss the urgent need for protective measures, baseline cybersecurity standards and collaboration initiatives to fortify the nation’s critical…
Cybersecurity Snapshot: Critical Infrastructure Orgs Must Beware of China-backed Volt Typhoon, Cyber Agencies Warn
The Volt Typhoon hacking gang is stealthily breaching critical infrastructure IT environments so it can strike on behalf of the Chinese government, cyber agencies say. Plus, ransomware gangs netted $1 billion-plus in 2023. In addition, new group tasked with addressing the quantum computing threat…
Keep the Water Flowing for the DoD: Securing Operational Technology from Cyberattacks
Malicious actors are ramping up attacks against water and wastewater systems (WWS), which are not only attractive targets but also complex to protect. LeDepartment of Defense (DoD) in particular operates a large number of WWS facilities. Read on to learn how a strong cybersecurity program…
Frequently Asked Questions on Security Incident at AnyDesk
Frequently asked questions relating to a security incident at AnyDesk that was publicly disclosed on February 2.
Cybersecurity Snapshot: Attackers Hack Routers To Hit Critical Infrastructure, as CISA Calls for More Secure Router Design
CISA is calling on router makers to improve security, because attackers like Volt Typhoon compromise routers to breach critical infrastructure systems. Meanwhile, data breaches hit an all-time high in the U.S. Plus, Italy says ChatGPT violates EU privacy laws. And a cyber expert calls on…
Une hygiène insuffisante dans la gestion des identités à l'origine d'une attaque contre Microsoft commanditée par un État-nation
La dernière violation subie par Microsoft prouve une nouvelle fois que la détection et la réponse aux incidents ne suffisent pas. La source d'une attaque étant quasiment toujours la conséquence d'une seule négligence en matière d'autorisation utilisateur, il est devenu crucial que les entreprises adoptent une sécurité préventive.
CVE-2023-46805, CVE-2024-21887, CVE-2024-21888 and CVE-2024-21893: Frequently Asked Questions for Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways
Frequently asked questions for five CVEs affecting Ivanti Connect Secure and Policy Secure Gateways, with three of the vulnerabilities having been exploited in the wild as zero-days.
L'avis des leaders du cloud sur les principaux défis
Un nombre excessif d'identités, de systèmes et d'intervenants complique une tâche déjà difficile.
Not a Blackbelt in Attack Path Analysis? Tenable ExposureAI Helps You Achieve Proactive Security
With attacks becoming more sophisticated, security teams must spend more time analyzing different entry points into the organization, as well as numerous tactics, techniques and procedures. Find out how Tenable ExposureAI helps you overcome these challenges and enhances your efficiency and…
