Tenable blog
Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks
Tenable Cyber Watch: U.S. Gov Outlines Cybersecurity Investment Priorities, Study Shows Cyber Teams Are Too Confident, and more
This week’s edition of Tenable Cyber Watch unpacks CISA and the NSA’s CI/CD defense guidance and explores the White House’s cybersecurity investment priorities. Also covered: why one study says cyber teams are too confident. ...
Cybersecurity Snapshot: CISOs Say Breaches Are Down, but Staffing Remains Difficult
Find out what’s working well for CISOs – and what could be better. Plus, why you should pay attention to the FTC’s investigation into ChatGPT-maker OpenAI. Also, check out a primer for C-level execs on adopting generative AI. Plus, the free cloud security tools CISA recommends you use. And much more...
Oracle July 2023 Critical Patch Update Addresses 183 CVEs
Oracle addresses 183 CVEs in its third quarterly update of 2023 with 508 patches, including 76 critical updates....
CVE-2023-3519: Critical RCE in Netscaler ADC (Citrix ADC) and Netscaler Gateway (Citrix Gateway)
Citrix has released a patch fixing a remote code execution vulnerability in several versions of Netscaler ADC and Netscaler Gateway that has been exploited. Organizations are urged to patch immediately....
Tenable Cyber Watch: NAIAC Submits First Report to Biden, 80% of Employees Oppose ChatGPT Bans at Work, and more
This week’s edition of Tenable Cyber Watch unpacks the NAIAC’s first report delivered to President Biden and explores Glassdoor’s survey finding that 80% of employees oppose ChatGPT bans at their workplace. Also covered: CISA releases two new guides aimed at helping cyber teams protect cloud apps. ...
Cybersecurity Snapshot: CISA and NSA Dive into CI/CD Security, While MITRE Ranks Top Software Weaknesses
Learn about the guidance from the U.S. government for defending CI/CD pipelines. Plus, check out the 25 most dangerous software weaknesses. Also, what developers like about AI tools – and what they don’t. And much more!...
CVE-2023-3595, CVE-2023-3596: Rockwell Automation ControlLogix Vulnerabilities Disclosed
Rockwell Automation issues advisory for multiple vulnerabilities, including a critical flaw that could lead to disruption or destruction of critical infrastructure processes....
Finding Rockwell Automation Allen-Bradley Communication Modules Affected by CVE-2023-3595 and CVE-2023-3596 in OT Environments
Identifying vulnerable systems in your industrial environment can be complex. Use the wrong tool and it will overlook affected devices. Find out how Tenable OT Security is designed to give you in-depth asset visibility to address these new vulnerabilities without disrupting productivity....
Microsoft’s July 2023 Patch Tuesday Addresses 130 CVEs (CVE-2023-36884)
Microsoft addresses 130 CVEs including five that were exploited in the wild as zero-day vulnerabilities and guidance on the malicious use of Microsoft signed drivers....
