Patch Tuesday’s Impact on Cybersecurity Over the Years
December 22, 2022Dive into the history of Patch Tuesday and learn how it continues to influence the ways security teams manage patches.
CVE-2022-37958: FAQ for Critical Microsoft SPNEGO NEGOEX Vulnerability
December 21, 2022Microsoft recently reclassified a vulnerability in SPNEGO NEGOEX, originally patched in September, after a security researcher discovered that it can lead to remote code execution. Organizations are urged to apply these patches as soon as possible.
Cloud Native Application Protection Platform (CNAPP): An Evolving Approach to Cloud Security
December 20, 2022A look at how IAM works and how CIEM enhances IAM security in the cloud.
Your Guide to IAM – and IAM Security in the Cloud
December 20, 2022A look at how IAM works and how CIEM enhances IAM security in the cloud.
Tenable Cyber Watch: Policing the Metaverse, Securing AI and ML, Daixin's Threat to Hospitals, and Shifting to Integrated Cyber Platforms
December 19, 2022To help you zap those Monday blahs, here’s a caffeinated shot of cyber news you can use: Police chiefs must get hip to the metaverse. CISOs are shifting to integrated cybersecurity platforms. There's new guidance for securing ML and AI systems. Hospitals face a ransomware threat from the Daixin cyber gang.
Cybersecurity Snapshot: Phishing Scams, Salary Trends, Metaverse Risks, Log4J Poll
December 16, 2022Get the latest on worrisome phishing stats; businesses’ embrace of the metaverse, come what may; a (small) improvement in CISO job stability; the compensation cost of security leaders; and more!
Microsoft’s December 2022 Patch Tuesday Addresses 48 CVEs (CVE-2022-44698)
December 13, 2022Microsoft addresses 48 CVEs including two zero-day vulnerabilities, one that has been exploited in the wild (CVE-2022-44698) and one that was publicly disclosed prior to a patch being available (CVE-2022-44710).
CVE-2022-27518: Unauthenticated RCE in Citrix ADC and Gateway
December 13, 2022Citrix has patched a critical remote code execution vulnerability in its Gateway and ADC products. This vulnerability has reportedly been exploited as a zero day; organizations should patch urgently.
How To Assess the Cybersecurity Preparedness of IT Service Providers and MSPs
December 13, 2022Improperly evaluating the cybersecurity capabilities of prospective IT service providers and managed service providers (MSPs) can put your organization's data and systems at risk. A new guide from CompTIA can help you ask the right questions.
CVE-2022-42475: Fortinet Patches Zero Day in FortiOS SSL VPNs
December 12, 2022Fortinet has patched a zero day buffer overflow in FortiOS that could lead to remote code execution. There has been a report of active exploitation and organizations should patch urgently.
What Happens When the Metaverse Enters Your Attack Surface?
December 12, 2022Tenable polled 1,500 cybersecurity, IT and DevOps professionals about their top concerns in the nascent virtual reality worlds of the metaverse. Here's what we found out.
Tenable Cyber Watch: Shift Left Challenges, Anti-Ransomware Efforts, Quantum Risks and CISO Anxiety
December 12, 2022Beat the Monday blues with cyber news you can use | Shift-left efforts falling short. The White House’s war on ransomware. Everything you’ve ever wanted to know about CISOs. The quantum computing risk...