CVE-2021-41773: Path Traversal Zero-Day in Apache HTTP Server Exploited
October 5, 2021The Apache HTTP Server Project patched a path traversal vulnerability introduced less than a month ago that has been exploited in the wild.Update October 7: The Solution section has been updated to re...
Taking IBM QRadar SIEM One Step Further Using Tenable.ad
September 30, 2021If you can't continuously monitor Active Directory, it's impossible to achieve full visibility into your evolving attack surface. Here's how combining Tenable.ad with IBM QRadar can help. It's no sec...
Spotlight on the Kingdom of Saudi Arabia: The New World Of Work Introduces Risks Attackers Can Utilize
September 22, 2021A new world of work has been adopted by Saudi Arabian organizations, with many planning to make hybrid and remote work models permanent. Here’s how these changes are increasing risk. The transition t...
Spotlight on India: A Perimeter-less Workplace Introduces More Risk
September 22, 2021India's plans for hybrid work models in the next 12-24 months are outpacing the speed of security in India. Find out where organizations need to place their focus to secure the new world of work. The...
Spotlight on Australia: Remote Work is Here to Stay and So are Cyberattacks
September 22, 2021Snap lockdowns are making remote work models a permanent feature — and leaving organisations more exposed to risk. Find out how the floodgates for cyberattacks have opened in Australia. As many...
An Introduction to “Scan Everything”
September 21, 2021A “scan everything” approach tests and triages every asset to understand your organization’s risk and how to reduce risk quickly and efficiently.
How to Talk to Your Boss About Zero Trust
September 20, 2021A recent Executive Order from the Biden Administration put zero trust architecture in the spotlight. When your top execs come asking about it, here's what you need to know. President Joseph R. Biden'...
CVE-2021-38647 (OMIGOD): Critical Flaw Leaves Azure Linux VMs Vulnerable to Remote Code Execution
September 17, 2021Agents installed by default on Azure Linux virtual machines are vulnerable to a remote code execution flaw that can be exploited with a single request. Background On September 14, researchers at Wiz...
Security Defined As Code - Why Tenable has entered into an agreement to acquire Accurics
September 13, 2021Tenable has entered into an agreement to acquire Accurics. Learn more.
How to Talk to the Board About Zero Trust
September 9, 2021Framing zero trust as a cybersecurity strategy for reducing business risk is a surefire way to get your executive leadership to take notice. It's no secret that CISOs and other cybersecurity leaders ...
How to Establish Cyber Resilience with Policy as Code
August 10, 2021When it comes to cloud native architecture, the one constant we can count on is change. Complex systems need a comprehensive, proactive security approach, and that is where Policy as Code (PaC) comes ...
Access Keys: An Unintended Backdoor-by-Design to Azure Storage Accounts Data
August 10, 2021Learn the importance of understanding the assignments of Azure resource roles when giving permissions.
