Tenable-Blog
CVE-2025-54309: CrushFTP Zero-Day Vulnerability Exploited In The Wild
Cybersecurity Snapshot: As AI Worries Spike, Experts Send Secure AI Advice to the White House, Capitol Hill
Learn all about the recommendations the NAIAC made to the U.S. government for responsible AI. Plus, employees go gaga over ChatGPT, while cyber teams get tasked with securing it. Also, we look at cloud IAM challenges and how to tackle them. And much more!...
The Default Toxic Combination of GCP Compute Engine Instances
By default, compute instances in GCP are prone to a toxic combination that you should be aware of, and can avoid and fix....
Maritime OT-Sicherheit: Stürmische Gewässer oder ruhige Fahrt voraus?
Die maritime Industrie steuert durch eine Flut von Veränderungen, was Cybersecurity angeht. Doch die miteinander vernetzten Schiffe und neuen Technologien, die der Schifffahrt zu größerer Effizienz verhelfen, führen auch zu neuen Cyberrisiken. Here's what you need to know about the challenges and risks these floating cities face —...
How Exposure Management Can Make Pen Testing More Effective
Pen testing needs to be supplemented with a routine vulnerability scanning schedule to pick up changes that may introduce vulnerabilities over time, to improve efficiencies in the overall process and to reduce the overhead costs in the penetration testing process....
Ein praktischer Ansatz zur Risikominderung in Fertigungsstätten
Es wird viel über Cybersecurity für Fertigungsstätten geredet, aber wo beginnen? Machen wir es nicht zu kompliziert und gehen darauf ein, warum Angreifer tun, was sie tun, und was Sie dagegen unternehmen können. Es geht darum, Risiken zu minimieren und Ihre Maßnahmen zu maximieren, um die besten Ergebnisse zu erzielen. Read on to learn mor...
CVSSv4 is Coming: What Security Pros Need To Know
The latest revision of the industry standard for ranking vulnerabilities has some changes that practitioners will find useful. Here, we'll discuss them, as well as Tenable' plans to implement the scoring system in its products....
Tenable Cyber Watch: Verizon DBIR Warns About BEC and Ransomware, Cloud Security Tops CISOs’ Concerns, and more
This week’s edition of the Tenable Cyber Watch unpacks Verizon’s DBIR 2023 report and its warnings about the rise in BEC scams and ransomware attacks and addresses the greatest areas of concerns for cybersecurity leaders. Also covered: why app stores may soon be required to disclose their apps’ coun...
CVE-2023-33299: Critical Remote Code Execution Vulnerability in FortiNAC
Fortinet has released a patch fixing a remote code execution vulnerability in several versions of FortiNAC...
Cybersecurity Snapshot: As Feds Hunt CL0P Gang, Check Out Tips on Ransomware Response, Secure Cloud Management and Cloud App Data Privacy
Learn all about the U.S. government’s reward for CL0P ransomware leads. Plus, check out ransomware incident response recommendations. Also, review concrete guidance on cloud system administration and on designing cloud apps with privacy by default. And much more!...