ETHOS: Bringing the OT Security Community Together for Threat Information Sharing
April 24, 2023Tenable participates in a first-of-its-kind initiative that will aggregate information from several operational technology (OT) security vendors to share emerging threat intelligence with critical infrastructure service providers.
CVE-2023-20864: VMware Aria Operations for Logs Deserialization Vulnerability
April 21, 2023VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8.
Cybersecurity Snapshot: The Latest on Supply Chain Security – SBOM Distribution, Open Source Flaws and a New Security Framework
April 21, 2023Check out what CISA says about the sharing of software bills of materials. Plus, why you should tread carefully with open source components. Also, the SLSA supply chain security framework is ready. In addition, security worries hold back enterprise IoT adoption. And much more!
Oracle April 2023 Critical Patch Update Addresses 231 CVEs
April 19, 2023Oracle addresses 231 CVEs in its second quarterly update of 2023 with 433 patches, including 74 critical updates.
7 Regulatory and Compliance Frameworks with Broad Cloud Security Implications
April 19, 2023Security teams responsible for enforcing regulatory and compliance mandates in a scalable and consistent way are often challenged to translate general legislative guidelines and controls into specific policies, tools and processes.
Announcing the 2023 Tenable Assure Partner Award Winners
April 17, 2023Celebrating the elite defenders who are helping organizations around the world reduce their cyber risk.
Tenable Cyber Watch: FBI Warns of Sophisticated BEC Scam, NIST Unveils Its New AI Resource Center, and more
April 17, 2023This week’s edition of the Tenable Cyber Watch unpacks the business email compromise scams (BEC) that are targeting vendors and explores NIST’s new AI Resource Center. Also covered: The most in-demand cybersecurity jobs for this year according to COMPTIA’s “State of the Tech Workforce Report” for 2023.
Cybersecurity Snapshot: As ChatGPT Concerns Mount, U.S. Govt Ponders Artificial Intelligence Regulations
April 14, 2023As ChatGPT security worries rise, the Biden administration looks at crafting AI policy controls. Plus, Samsung reportedly limits ChatGPT use after employees fed it proprietary data. Also, how password mis-management lets ex-staffers access employer accounts. In addition, the top identity and access management elements to monitor. And much more!
Agents vs. Agentless: Which Solution Is Right for Your Public Cloud Environment?
April 12, 2023You can scan cloud systems for security problems in multiple ways depending on what your instances are running, how long they’re up and whether or not they can run an agent or be accessed with administrative credentials. Network scanning, installed agents, or public cloud APIs can all report findings, but there are tradeoffs. In a recent episode of the Tenable Cloud Security Coffee Break series, we talked about each approach, the appropriate use cases and how Tenable Cloud Security can help.
Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)
April 11, 2023Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day.
TSA, FAA Requirements Emphasize Cybersecurity for Airport and Aircraft Operators and Airport Terminal Projects: How Tenable Can Help
April 11, 2023The TSA and FAA are making cybersecurity a priority for airport and aircraft operators and for airport terminal projects to prevent disruption and degradation to their infrastructure. Here's what you need to know — and how Tenable can help.
Tenable Cyber Watch: U.S. Government Mulls TikTok Ban, Europol Warns About ChatGPT Cyber Risks, and more
April 10, 2023This week’s edition of the Tenable Cyber Watch unpacks the U.S. government’s efforts to ban TikTok and addresses Europol’s concerns about ChatGPT cyber risks. Also covered: How CISA’s new pre-ransomware alert initiative could be a gamechanger for would-be ransomware victims.