CVE-2022-27510: Critical Citrix ADC and Gateway Authentication Bypass Vulnerability
November 9, 2022Citrix publishes an advisory to address multiple flaws in its ADC and Gateway products, including a critical vulnerability.
Microsoft’s November 2022 Patch Tuesday Addresses 62 CVEs (CVE-2022-41073)
November 8, 2022Microsoft addresses 62 CVEs including four zero-day vulnerabilities that were exploited in the wild.
Shift left: Still a Work in Progress
November 8, 2022Experts say “shift left” practices are falling short. Here’s what you need to know and what you can do about it. Researchers are calling on companies to do a better job of educating developers abou...
Cybersecurity Snapshot: Salary Trends, Ransomware Summit, Next-gen MFA
November 4, 2022Get the latest on salary trends for CISOs and cybersecurity pros; CISA’s call for adopting phishing-resistant MFA; the White House’s ransomware summit; and more!
How to Improve Your Incident Response in the Cloud
November 3, 2022A look at the security best practices and mindset to adopt to better detect and recover from malicious activity in your cloud infrastructure.
Tenable One Exposure Management Platform: Unlocking the Power of Data
November 3, 2022When our data engineering team was enlisted to work on Tenable One, we knew we needed a strong partner. Here’s how we selected Snowflake to help us deliver on the promise of exposure management.
CVE-2022-3786 and CVE-2022-3602: OpenSSL Patches Two High Severity Vulnerabilities
November 1, 2022OpenSSL has patched two vulnerabilities, pivoting from its earlier announcement, in version 3.0.7.
What You Should Know about the New OpenSSL Vulnerability
October 31, 2022How to detect which OpenSSL version you’re running and if your organization is exposed to the critical OpenSSL vulnerabilities - CVE-2022-3602 (Remote Code Execution) and CVE-2022-3786 (Denial of Service) - and what to do about it.
Cybersecurity Snapshot: Tips for cloud configs, MSP vetting, CISO board presentations
October 28, 2022Get the latest on Microsoft 365 security configurations; effective CISO board presentations; rating MSPs’ cybersecurity preparedness; and hospitals’ Daixin cyberthreat.
IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals
October 27, 2022Learn from the 2022 IBM report about the true cost of ransomware, compromised credentials and other breaches.
To Boost Software Supply Chain Security, Stop the Finger-Pointing
October 27, 2022Google’s annual DevOps report finds that organizations with a low-blame, collaborative approach have stronger app dev security practices.
CVE-2021-39144: VMware Patches Critical Cloud Foundation Vulnerability in XStream Open Source Library
October 26, 2022VMware issues patches for end-of-life versions of Cloud Foundation Network Security Virtualization for vSphere (NSX-V) to address a critical vulnerability in an open source library. Background ...