Tenable blog
What Makes This “Data Privacy Day” Different?
CVE-2023-35078: Ivanti Endpoint Manager Mobile (EPMM) / MobileIron Core Unauthenticated API Access Vulnerability
Critical vulnerability in a popular mobile device management solution from Ivanti has been exploited in the wild in limited attacks...
AI Is About To Take Cybersecurity By Storm: Here's What You Can Expect
Generative AI will elevate the practice of successful preventive cybersecurity, but how will it manifest itself across cybersecurity products? Here are a few game-changers to look for....
Tenable Cyber Watch: U.S. Gov Outlines Cybersecurity Investment Priorities, Study Shows Cyber Teams Are Too Confident, and more
This week’s edition of Tenable Cyber Watch unpacks CISA and the NSA’s CI/CD defense guidance and explores the White House’s cybersecurity investment priorities. Also covered: why one study says cyber teams are too confident. ...
Cybersecurity Snapshot: CISOs Say Breaches Are Down, but Staffing Remains Difficult
Find out what’s working well for CISOs – and what could be better. Plus, why you should pay attention to the FTC’s investigation into ChatGPT-maker OpenAI. Also, check out a primer for C-level execs on adopting generative AI. Plus, the free cloud security tools CISA recommends you use. And much more...
Oracle July 2023 Critical Patch Update Addresses 183 CVEs
Oracle addresses 183 CVEs in its third quarterly update of 2023 with 508 patches, including 76 critical updates....
CVE-2023-3519: Critical RCE in Netscaler ADC (Citrix ADC) and Netscaler Gateway (Citrix Gateway)
Citrix has released a patch fixing a remote code execution vulnerability in several versions of Netscaler ADC and Netscaler Gateway that has been exploited. Organizations are urged to patch immediately....
Tenable Cyber Watch: NAIAC Submits First Report to Biden, 80% of Employees Oppose ChatGPT Bans at Work, and more
This week’s edition of Tenable Cyber Watch unpacks the NAIAC’s first report delivered to President Biden and explores Glassdoor’s survey finding that 80% of employees oppose ChatGPT bans at their workplace. Also covered: CISA releases two new guides aimed at helping cyber teams protect cloud apps. ...
Cybersecurity Snapshot: CISA and NSA Dive into CI/CD Security, While MITRE Ranks Top Software Weaknesses
Learn about the guidance from the U.S. government for defending CI/CD pipelines. Plus, check out the 25 most dangerous software weaknesses. Also, what developers like about AI tools – and what they don’t. And much more!...
CVE-2023-3595, CVE-2023-3596: Rockwell Automation ControlLogix Vulnerabilities Disclosed
Rockwell Automation issues advisory for multiple vulnerabilities, including a critical flaw that could lead to disruption or destruction of critical infrastructure processes....